How secure is your data? It may not be as safe as you think.

Jeff Ward, managing partner with the accounting firm Stone Carlie, appeared on TNtv.  He said business owners must think about their data as another key asset just like cash, accounts receivable and fixed assets.

Five Components of Data Security

Ward said there are five components of data security to include policies, procedures, hardware, software, and the most important item, the people behind it all.

He said the “people” component may be the weakest link in the process.  Regardless of all the information and investment made into the technical side of security, it is the human element that is most important. Ward emphasizes business owners ensure that security awareness training takes place within the organization.

Complacency is another issue businesses face with data security. They are strapped for cash and tend to spend money on such technical items like a firewall, encryption etc. They may also employ an IT person who may not be up to speed on the latest system vulnerabilities. Business owners tend to get complacent thinking that these types of data thefts don’t happen to small companies or other firms in their type of industry. However he said a high percentage of the smaller companies are now the ones getting a data breach or security attack. Ward stresses that the IT person needs to be up to date on all appropriate security issues and that an IT consulting firm, such as ThrottleNet, be brought in as necessary to assist in that process.

A Four step process to Help businesses create a solid data security program

One is to perform a risk assessment and see where they are vulnerable. Two is to document all policies and procedures so everyone is on the same page. The third piece is security awareness training and so employees know how to act and react in certain situations. Finally he urges business owners, even those comfortable with their security plan, to have their systems tested. This includes undergoing a penetration test, a vulnerability assessment, and preparations for a social engineering attack.

In the final analysis, Ward said, “the proof is in the pudding”. When it comes to data security you are either ready and prepared, or you’re not.

For additional information visit http://www.stonecarlie.com

Watch the full episode of TNTv below!