The hidden liability: How to keep your business data safe

Data stored on business systems is both an asset and a liability. Like any asset, your data is worth guarding, and like any liability, it’s worth mitigating. Personal identification numbers, customer payment information, contact lists, product/service roadmaps, and intellectual property are just some of the types of confidential data that’s stored on almost every business computer and server.

According to data obtained by Crucial via a Freedom of Information request, 3,533 laptops have been lost in five years on the Transport for London network. There has been a 79 per cent increase in the number of laptops lost on the tube since 2010, with 885 lost in 2014/15 compared to 494 in 2010/11. An additional 801 have gone missing in the last three years at eleven Network Rail operated stations across the UK.

But this only paints a small part of the picture. If you then think about the number of laptops that might have been lost on buses, at airports, car break-ins, theft, burglary and unreported losses, the number of unprotected laptops really starts to add up. It really starts to demonstrate how vulnerable our data really is, and how easily it can get into the wrong hands.

These figures emphasise the vulnerability of data – commuters and employees risk misplacing confidential, personal or company data, which could get into the wrong hands, demonstrating that accidental data loss can happen to anyone at any time.

All data is vulnerable in the event of accidental loss, which can become high-value target for hackers and data thieves. It is essential that you take steps to keep your data safe, in the event that it gets into the wrong hands.

The best way to protect data stored on computers is to encrypt it at the hardware level using self-encrypting solid state drives (SSDs). This critical data security step is often overlooked; as new systems tend to come with low-grade preinstalled hard drives which often lack encryption technology. In the event that a pre-installed hard drive has encryption, it’s typically software-based, which is one of the weakest forms of encryption. Software-based encryption slows down system performance and productivity, whilst also putting data at risk of being compromised because the software protocol relies on the operating system and remains vulnerable to rootkit attack.

In contrast, self-encrypting SSDs use top-level AES 256-bit encryption technology that’s built into the storage drive to encrypt every file and piece of data at the hardware level. This is the same method of encryption used by hospitals and banks, and helps organisations enhance security and minimise liability.

If your business does become the victim of a breach or data loss, then the repercussions can be severe. Under the Data Protection Act, businesses can receive a substantial fine from the Information Commissioner’s Office (ICO) for losing customer data. The international standard for information security management, ISO 27001, gives businesses guidelines on how to best comply with data protection laws, which are set to get much tougher.

It’s unclear how the ramifications of Brexit will affect this, but from 25 May 2018, the EU General Data Protection Regulation (GDPR) will become enforced. This in theory will allow the ICO to levy penalties which could reach the upper limit of €20m or 4 per cent of global turnover, whichever is higher. Soon the threat of insolvency or closure of a business due to data breaches will become very real, if information security is not strictly enforced.

Data loss will also have a significant impact on your reputation and public perception, with trust in your brand eroded. The TalkTalk hack is a good example of what can go wrong following a breach, with a total cost of the breach coming to around £80m as well as the loss of more than 100,000 customers.

Businesses rely on confidential data, which includes customer payment information, personal records, or internal product roadmaps. Using self-encrypting SSDs to lock up your data helps protect the integrity and confidentiality of your data, and as an added benefit, can improve business productivity by eliminating the use of slower mechanical hard drives. Testing shows that SSDs are six times faster than traditional hard drives, meaning your business can work faster and improve productivity, whilst also strengthening data security.

Enhancing data security requires taking extra precautions, but it doesn’t have to be difficult or expensive. What’s really expensive is losing data that your business has a legal obligation to protect.

Safeguard your data by swapping out vulnerable preinstalled hard drives, and start encrypting your data at the highest level and improving system speed and performance. Your data is an asset and a liability. Guard it.

Jonathan Weech, Product Manager of Solid State Storage (SSD) at Crucial

Image source: Shutterstock/Wright Studio