18 Feb Cybersecurity recommendation | 2 | Protecting the intellectual property of my company
Protecting the intellectual property of my company
Firewalling is all about preventing malicious access from the outside. However, a large part of unwanted data usage comes from inside: have I set up a protection system for my key data?
Data protection has become a hot topic, as more and more stakeholders are now seeing their data as a key asset. Being able to dispose of them in any circumstance, even in case of a crypto locking (ransomware) attack or blackout, is essential. While it is often unrealistic to try and protect 100% of your data, we suggest you should have a look at the following recommendations.
5 key recommendations you should keep in mind
- Define what data are key for the company’s operation: financial and commercial data, R&D plans and results, might be in the lot.
- Make sure these data, and their succeeding versions, are thoroughly protected against unwanted reading, alteration, leakage, and that they are always accessible, even if a problem on the usual systems occurs.
- To reach such an objective you may want to use systems that encrypt the data, or some of them. You may also use a tool with ID management and make sure only authorized persons access them. Storing clear-text data in the cloud must be questioned. Responsibility for encrypting is to be clearly determined (The company itself? The cloud provider? Or a shared responsibility model?).
- If encryption is your choice, it is important to look out for solutions that minimize the impact of data protection: building an own search index, for example, helps to maintain cloud service functionality, such as searching and sorting, reporting, and keeping analytical capabilities.
- If some leakage occurs despite your efforts, you must be confident that you will get notified before the leakage spreads and has a negative impact on your business and image. Data trails and audits show up any internal malicious data attacks and leakages.
Download and consult our Cybersecurity Guide for more recommendations: