According to a December 2009 Accenture study on data protection and privacy, 58 percent of survey respondents indicated their company had lost sensitive personal information and 60 percent had an ongoing problem of data security breaches.
If your company has not faced cyber crime problems, it is important to begin addressing your concerns now before you are faced with security violations. Understanding what steps your company can take to prevent cyber crime can protect your organization from costly and embarrassing security breaches.
Management support and associated funding is necessary to address the issue of cyber crime. Convince senior management of the need to proactively address cyber crime by describing the potential impact on your business should there be a cyber crime breach. Inform management of instances of cyber crime breaches within your industry and the impact such breeches had on the companies involved. Reach agreement that the issue needs to be addressed.
Identify critical business functions that could be impacted by a cyber crime instance. Prioritize the impact of each potential instance and estimate the cost of improving the business's information security. Develop a list of actionable recommendations to address potential security breaches and compile estimates of cyber crime prevention costs to obtain budget approval.
Improve procedures to secure company data. Review how secure entry into your data center is preventing unauthorized access and consider the use of door access controls. Bolt personal computer towers to desks, making it difficult to remove them from your facility. Establish a policy regarding what data can be stored locally at computer workstations and what can be centrally stored and accessed over computer networks. Delete sensitive data from hard drives if computers are discarded or sent out for repair.
Password-protect software applications and assign password management and control to one person. Delete the passwords of employees who leave the company. Develop contingency plans to deal with serious cyber security breaches. This includes the backup and offsite storage of data and, if your business warrants it, arrangements for computer processing to continue at an alternate location should your computer center become inaccessible.
Review available technology to make information systems more secure and, based on your assessment, invest in and implement selected technologies. Such technologies include data encryption and the use of hardware and software firewalls. Data encryption encodes data into unintelligible formats and requires a code to make sense of the data while firewalls prevent unauthorized access to computer hardware, data and networks.