There is a lot of confusion about how to make sure your important business data is well protected. But there are good data security alternatives for those willing to do just a little work.
First and foremost, establish and maintain an e-mail policy for your company. E-mail encryption with a standard like openPGP and a product like gpg4o for Outlook by Giegerich und Partner is a good start. Make sure you keep good backups of your e-mail and be sure they are well indexed so you can find what you need. GnuPG is also a good alternative if you have the time to learn how to use it.
Your important backups and documents should be stored off-network. This means either an external drive that is not connected to any system or a machine that is not networked. The reason this is important is because network-based attacks can only affect computers that are on the network. Did you see the first Tom Cruise Mission Impossible film? If the machine isn’t networked, you have to be physically at the controls to damage it. Make sure your data is encoded with a Unicode standard like UTF-8. This will provide maximum future compatibility.
Just like your e-mail policy, establishing procedures for password maintenance is absolutely crucial to your security efforts. Find a way to record passwords off-site and off-network so you don’t lose them. Change your passwords and signature occasionally and get in the habit of using strong passwords for all of your accounts. This is probably the single most effective step you can take to protect your company’s data.
Encryption of Stored Documents
You need to be very careful with this, because if you don’t have a good password policy and you forget or lose the passwords to your encrypted files, you’re out of luck forever. There’s no “oops” switch with encryption. There’s no shortcut or master key. If there were, it would be a security problem. However, if you can preserve your passwords, you should consider encrypting stored documents (like financial records and documents covered by non-disclosure agreements) you don’t want other employees or intruders to access.
Use a Secure Operating System
Take some time and study systems like Linux and FreeBSD. Compared to the alternatives, these systems are far more secure and reliable. Consider installing these operating systems on your servers for storage, firewalls and network security.
Protecting your data in an information economy is absolutely crucial to the success of your business. Learn all you can and be sure to implement best practices across your company if you can do so economically and efficiently.