Data Protection and How to Do It

Really simple steps for IT managers

Keeping your data safe, your business compliant and your end users productive yet secure is easier than you think. It begins with a few simple steps designed to help you build your data protection strategy.

Security and productivity—get the best of both

Employees work while they travel, contractors work remotely anywhere in the world and sensitive data may be easily downloaded from the company network. The risks of data loss grow with more and more people working outside of your network.

By putting in place a few vital best practices, you can proactively manage risks. The best practices offered in this guide work behind the scenes to keep you protected without affecting end-user productivity.

How secure is your data?

You need to protect your business roadmap, your product database, your customer files and your reputation. We can help.

Ask yourself:

  • Where is it? On laptops, servers, USB devices?
  • How much is sensitive for compliance?
  • Who can access it?
  • Where are the weaknesses?
  • How can I create simple security measures for my end users?

Build your plan

Simply put, you can’t go wrong when you follow these tips for data security:

  • Evaluate the processes and communications that take place in your organization. Your data security strategy is only as strong as your weakest link. Think in terms of the three Ps—People, Policies and Processes.
  • Consult with your legal department when crafting your data security plan. If your company operates in the financial, insurance, healthcare, energy or education sectors, you must comply with strict regulations. Similarly, confidentiality agreements between partners, providers and clients, and employers and workers, are subject to legal enforcement. For more help, download a free copy of our Compliance for Dummies eBook.
  • Keep track of the guidelines in your industry and relevant compliance provisions within your company. Periodically review policies and processes and adjust to meet changing regulations. You can also read our Top 10 Tips to Avoid the Regulatory Auditor's Wrath.
  • Make compliance easy for end users. The best security measures are ones your end users follow automatically. Complicated procedures and functions can create fear and avoidance. Support compliance and corporate policies with technologies that operate continuously and transparently.
  • Train your users. Explain the consequences of a lost laptop, a mobile device left behind, and the careless transmission of data. Let users know why data security is important for the business, for employee-customer relationships and for job security. You can get more information on the cost of a lost laptop in the presentation in the Data Protection and How to Do It toolkit.
  • For more help crafting your data security user policies and educating your end users, refer to the Sample User Policies to Work By and the Data Protection Top Tips in the Data Protection and How to Do It toolkit.

Putting your plan into action

Consider your day-to-day processes and create a comprehensive plan to keep your data protected. This means regular review of key process areas, including:

  • Mobile workforce
  • Confidential email communication
  • Loss or theft of storage media
  • Work in the cloud
  • Outsourced work and materials
  • Internal areas of risk

Here are some ways you can protect and prevent—a roadmap to even better protection:

Step 1: Secure your mobile devices—remote lock and wipe a lost or stolen device

  • How to do it: Sophos Mobile Control
  • Configure your devices to match the security policies of your company. With Sophos Mobile Control, you'll manage the policy settings for email, VPN and other IT systems from a single platform, over the air.

Step 2: Make hard disk encryption standard on all laptops

  • How to do it: SafeGuard Easy or SafeGuard Enterprise
  • With Sophos SafeGuard Easy or SafeGuard Enterprise, hard disk encryption prevents access by unauthorized personnel. With the single sign-on (SSO) engaged, employees present only one password to gain access to the computer. Differences in the functionality of laptops are not an issue.

Step 3: Encrypt and digitally sign all email

  • How to do it: SafeGuard MailGateway
  • With SafeGuard MailGateway, encrypted email messages and attachments sent over your enterprise email system include digital signatures and verification of the identities of email senders and recipients.

Step 4: Protect removable storage devices

  • How to do it: SafeGuard Data Exchange
  • Encryption prevents unauthorized access to hard drives, flash memory cards, optical media, memory sticks and similar storage media. With SafeGuard Data Exchange, storage media can be encrypted beforehand. And access to data located on unencrypted storage devices can be easily denied.

Step 5: Tie down your data in the cloud

  • How to do it: SafeGuard Cloud Storage
  • Encrypt your data before it is uploaded to the cloud. Our planned product SafeGuard Cloud Storage will protect confidential documents with transparent encryption, even on iPads and Tablets. Third parties can also exchange information this way—simply share a password and they're set.

Step 6: Control access to sensitive data

  • How to do it: SafeGuard LAN Crypt
  • Control who has access to confidential data internally and externally by always encrypting data. SafeGuard LAN Crypt prevents unauthorized users from viewing stored confidential information on enterprise servers.

Don't let your data keep you up at night. Register for Data Protection and How to Do It now.

Download a free Virus Removal Tool

Security Solutions