By Jessica Mielke
Risk Management Specialist
McNeil & Company
As we continue to rely more on technology, we find ourselves replacing paperwork with digital filing on our computers or other electronic devices. This trend has carried over to the departments and organizations we serve. With this growing reliance on technology, we leave vital information, both public and private, open to a cyber-attack.
We would all like to think that our information is safe and a breach could never happen to us, as individuals or organizations. However, cyber-attacks are becoming a frequent occurrence and many organizations are not prepared to take the proper steps to address the problem. These breaches come at a great cost to a department, both financially and reputably.
Knowing how to prevent cyber breaches and taking the necessary precautions can help protect your organization’s information. By having a plan in place, your organization will be better prepared when a breach does occur. There are a few preemptive steps you can take to keep your information as safe as possible:
- Implement Risk Detection Training: By building awareness with your organization, you can put security measures in place. Having training with everyone who comes in contact with sensitive information on how to identify and report a breach, even in the early stages, will have a positive effect on data breach preparedness.
- Encrypt All Devices: Encrypting with a complicated password can help prevent files being accessed by potential hackers. Make sure to store all private information on an encrypted device and backup all your files often, keeping them in a secure location.
- Log All Devices: Knowing what devices your organization has, and who has them, is critical. By keeping a log of these devices, you can know where your confidential information is stored and help prevent a potential breach. Keeping these devices in a secure location and locking them up will prevent lost items.
- Implement a Written Cyber Security Procedure: With a specific procedure in place, your organization would have a clear and concise plan so members/employees would know what steps to take to respond to a cyber breach. Employees would know how to dispose of vital data, what to do with a compromised device and how to answer questions from anyone wanting access to personal or confidential information.
Be sure to work with whomever controls your computer system to find out what protections will be the best fit for your organization’s needs. Remember that a proper training is the first, and most important, step to being able to detect if your organization has had a breach. The earlier the detection, the better off your organization will be. Even with a training established, it’s important to have a clearly written procedure in place so employees know what to do in case of a breach and how to dispose of vital information before it is exposed.