The strongest defense against threats to an organization's data includes security controls, which focus on a main objective of proper security implementation in support of data privacy. These safeguards are used to avoid, detect, and prevent unauthorized access to your organization's facility – protecting your employees and company information. Controls help reduce the risk of damage or loss by stopping, deterring, or slowing down an attack against an asset.
These controls are categorized into three main areas, and include physical (eg. security camera), technical (eg. network authentication), and administrative (eg. training and awareness). While the company can implement these controls, every employee must be held responsible to adhere to the established rules and report any suspicious activity.
As Data Privacy Day Champions, today we're focusing on bringing awareness to data privacy in the workplace and incorporating security controls to prevent potential threats from retrieving private data. Here are four quick tips to help you do your part in protecting your organization against security threats.
1. Keep your office secure
- Lock your computer screen
- Put sensitive files into locked cabinets
- Shred documents when you are finished with them
- Use a laptop lock at your desk
- Do not leave your mobile device unattended
- Erase your white board each day
- Do not store passwords in any physical location
2. Keep the conference room clean
- Gather and destroy any sensitive handouts
- Erase white boards
- Log off of the computer
3. Keep the shared printer area clear
- Use a password when printing sensitive data
- Collect all sensitive printouts and dispose of them securely when finished with them
- Don’t leave originals on the printer or copier
4. Rules must be defined and enforced
- Limit access to any area storing private information (file rooms, server rooms, etc.) and monitor access to these areas
- Ensure cabinets remain locked at all times
- Possibly deter intrusion with surveillance equipment or badge entry
Proper implementation of these security measures can go a long way in preventing unwanted people from breaching your organization. to maintain effectiveness, it's suggested to continuously remind your employees about the importance of security and require them to take part in a security awareness program within your organization.