Data breaches certainly aren't new, but they are increasingly sophisticated and tend to affect a large number of people. From WikiLeaks and Edward Snowden to the Target data breach and "Heartbleed," just how safe is your information online?
For consumer information, it's hard to take control of your data. Aside from protecting all of your accounts with two-factor authentication, the resposibility of keeping your data safe really lies with the corporations with whom you share information and do business.
For your sensitive company information, however, the answer depends in large part on where your data is stored and who has access to it. It also depends on the security systems you use, how you transmit data when sharing becomes necessary, and even how you secure your computers when you step away to get a cup of coffee. There's a lot to consider; thus, there's no one-size-fits-all solution.
Data Access and Permissions
No matter how secure a given solution may be, if access and permissions are not properly managed, data is vulnerable. Take file-sharing as an example. Can you specify user roles and permissions? Can you allow a file to be shared only with those you have granted access? What happens to the file when you've shared with another party? How can you be sure that person doesn't share it with unauthorized individuals? Audit logs and automatic watermarking that stamps each document with the user's name and email address can help protect the integrity and privacy of your data.
Information Security Concerns
Computer viruses, worms, and other exploits require an ongoing approach to security. Unless your organization has a dedicated IS or IT team proactively monitoring and responding to threats, your data could be vulnerable. Startups and small businesses may be better off choosing a third party solution to encrypt and protect their most sensitive data.
Other Security Concerns
Another issue involves the physical security surrounding your data systems. For example, is your server adequately secured or could a burglar easily walk off with it? What about internal threats? Could an employee copy files onto a USB drive, slip it into a briefcase, and then leave the building? Even when authorized to take work home, how secure is the employee's personal computer?
Whether from hackers, spies, snoops, viruses, bugs, or (intentional or unintentional) breaches by employees, your company's information could be at risk. Be sure your company has a solid plan for storing and sharing sensitive company informaion, that proper access is granted to proper individuals, and that employees are trained in security protocols (no emailing confidential information!). Isn't it time you took matters into your own hands?