For Throwback Thursday (#tbt) we’re continuing our theme of Security and re-posting this blog where we discussed how to safeguard your data. Click here to read last week's post on segmenting your network to protect your data.
If you are the one closing your restaurant for the night, a part of your routine is to physically lock up the property. That may involve arming a security system and, at the very least, locking the doors to your restaurant. And with that, you run down your mental check list as you head out the door to ensure you’ve done everything you should to protect your operation.
But what about your data? Are your systems and networks locked down, or might you be exposed to risks of data theft and non-compliance fines? One way to start understanding practical ways to secure data is to understand the common misconceptions regarding data and network security. These myths include:
- Installing antivirus software is sufficient for combating cyber threats. That’s not correct. The Internet threat landscape has evolved beyond the capabilities of a single tool. Safeguarding data and IT operations requires a layered approach. This involves recognizing that a single tool, such as antivirus, has limitations and might fail.
- Being compliant with security standards is sufficient for protecting data. Not quite. While standards, such as PCI DSS, outline measures useful for safeguarding IT resources, they don’t account for all risks faced by businesses. It is still possible for an organization that is compliant to fall victim to a cyber attack.
- Cyber criminals only go after large, high-profile organizations. In fact, criminals often don’t discriminate between the size and type of their victims in pursuit of financial gain. Countless small and mid-sized businesses had their networks breached in a manner similar to the security incidents suffered by larger organizations.
- Password-protecting access to a system or network prevents unauthorized access. Actually, cyber criminals employ tools to guess passwords with great success. Therefore, access to sensitive data resources should be restricted using a second authentication factor, such as a one-time use code from a phone or a key fob.
- The user of a compromised system can easily detect the security breach. Unfortunately, the malicious software often operates stealthily, discretely stealing data or performing other functions. Security solutions often include the ability to automatically detect intrusions, even if the user doesn’t notices any issues.
Data security is an ever-changing topography. As IT pros devise new ways to secure networks and systems, cyber criminals come up with new ways to those defenses. If you don’t have the resources on staff to handle data security, enlist the aid of a company that specializes in addressing restaurants’ network security concerns.
Have you fallen victim to one or more of the security myths above? What steps have you taken to protect your business? I’d love to hear from you in the comment area below.