Our Blog

image

Digital Asset Protection – Day 4 – Know Thy Stuff: Part 4

Hello! If you are new to this series on securing your small business in 5 minutes per day than you should start with Day 1. If you are all caught up then welcome back and let’s dive into it.

Today, Digital Asset Protection, is the last day of “Know Thy Stuff”… at least for now. By now we have a good inventory of what digital assets we have, how important they are to us, and what data we hold in them. The last step is to do some cleanup. Take the next 5 minutes (or delegate as appropriate) to go through and think if you really need all the data you currently possess. Every piece of data you own is an asset, but also a risk. In the event of a security breach the cost to your company will vary dramatically on the volume, type and protections around your data. Below are some examples of common clean up targets, but you should start with the data that is most personal or sensitive such as health information, passwords or social security numbers:

Digital Asset Protection
  • Have old physical servers, network equipment or workstations no longer in active use? Have your IT team, MSP or IT person decommission them and don’t forget to have them safely wipe or shred the drives. Wiping is free but shredding comes with a small cost.
  • Have old file shares you don’t use anymore because you moved to the cloud? Have IT decommission and destroy data after you confirm all needed information has been securely stored.
  • Have an old customer list of inactive customers from a decade ago? If you don’t need it delete it. If you really want to keep it you can encrypt the file and store the key in a password manager.
  • Have customer or employee social security numbers that you don’t really require? Delete them or at least only keep the last 4 in an encrypted file or DB.
  • Have images of government issued IDs such as drivers licenses or passports? If you don’t need these prioritize deleting this information. These are incredibly valuable to hackers and can land you in hot water if you leak them in a breach.

Tomorrow we will attack how we create, store and use passwords to access our critical business systems and digital assets. Cheers!

Be sure to come back for Day Five / Firewall Settings / Basic Hardening Part 1

CTO / Principal Engineer

 

David Hyde-Volpe

CTO / Principal Engineer

CONTACT
INFORMATION

SECURITY MANAGED.
BACK TO BUSINESS!

COST EFFECTIVE BUSINESS SECURITY

Cyber Risk Reduction

Request A Quote

request A consultation

Request A Quote

LAURA GRINDLEY

Business Operations Manager
Certified: GSEC, CompTIA A+
Education: BA, College of William and Mary
Areas of Focus: Project Management, Accounting, Logistics

DAVID HYDE-VOLPE

CTO / Principal Engineer

Certified: GCIH, GSEC, GMON

Education: BS – Chemistry, Clemson University, Completed PhD coursework in Quantum Theoretical Chemistry – Georgia Institute of Technology, Completed PhD coursework in Statistical Mechanical Theoretical Chemistry – Clemson University.

Areas of Focus: Secure Coding, statistical modeling, penetration testing, security architecture

GLENN JOHNSON

CEO / Principal Engineer
Certified: CISSP, GCIH, PMP, CRISC, CISA, CISM, CCSK; previous certifications include CCNP, CCSP, CCVP, CCDP
Education: University of MD. LaSalle University (BS/MS – Information Systems)
Areas of Focus: BC/DR, Quantitative Risk programs and analysis, 1/CISO and 1/CIO functions, security strategy and architecture

Subscribe to Vizius' newsletter
and access our FREE

Ramsomware Vaccine
Roadmap

Free Impact Assessment