5 Things You Should Ask the Companies You Do Business With
We all know that keeping our personal data safe is important, but what about the companies you do business with? How are they keeping your information safe? It’s a great question to ask, especially when another company has access to your organization’s information. Here are 5 things you should ask the companies you work with when it comes to data security:
1.Is your data secure?
Program passwords should be changed regularly to minimize the risk of identity theft and unauthorized access to information. Companies should also be diligent in making sure that operating systems are current, and that the latest security updates are downloaded. Additionally, companies should always exercise extreme caution when it comes to suspicious emails that appear questionable. One of the most vulnerable threats to security comes from phishing emails that attempt to obtain sensitive information such as usernames and passwords. These types of emails should be reported and deleted immediately.
2. How is digital data stored?
Company and clients’ data should be stored on an encrypted password-protected secure cloud network. This will not only protect said information, but it will also ensure that it will not be misplaced or lost.
3.What about hard copies of your information; are those safe?
Companies should have a policy of requiring all hand-written notes and paper documents to be shredded on-site, daily. Documents that cannot be immediately shredded, such as those which containing original signatures, should be stored in secured cabinets that always remain locked when not in use.
4. Who has administrative access to computers?
A minimal number of designated company management personnel should have administrative rights to employee computer workstations. Regular employees should not have the ability to add or download software which could leave data vulnerable. Employees should be required to lock their computers anytime they are away from their workstations.
5.Who has access to your office/building?
Building security varies from location to location; however, companies should always keep track of who comes in and out of their office space daily, both employees and visitors. Do they require keys or fobs to access their office space? Does their office qualify as a “shared” office space? Key fobs should be deactivated immediately after being reported as lost or stolen or when an employee is no longer with the company. Also, security cameras should be in place to document who has entered and exited the office.
We have all heard, seen, and possibly experienced training on how to keep our own, personal information safe. But shouldn’t we also require those same standards when it comes to our company’s information, and better yet, our clients’?