What do you need to protect?
You can’t begin to determine what security you need before you’ve determined three basic facts:
Once these steps are complete, we can begin to recommend an appropriate Layered Security Solution to meet your needs. If you’ve ever put together information to enable an insurance agent to give you a quote, you’ll recognize the process – it’s exactly the same – what’s valuable, how much is it worth, and where do you keep it?
Step 1: What data do you need to protect?
The answer to this question will clearly be different for every individual and every business, but here are some suggestions to get you started. Make as complete a list as you can, because until you determine what’s valuable, you can’t determine how much protection you need.
- Employee data – payroll, taxes, retirement plans, health care, personal information
- Vendors – price lists, financials, contracts
- Intellectual property – business plans, patent & trade mark filings, trade secrets
- Financials - stock information, accounting data
- Personal – Social Security number, driver’s license, medical data, passwords and PINs
- Financial – bank accounts, credit cards, investments, tax returns
- Sentimental – photos, music, documents, family tree research
Return to Top
Step 2: What is the value of this data?
What would the cost be in terms of time, resources, and reputation to you ot your business if any of these categories of data were lost, stolen, compromised or corrupted?
- Think through what would happen if that data became unavailable.
- Place a value in terms of time and money on each category identified above.
Step 3: Where is the data stored, and who has access to it?
Consider where each category of valuable data is stored, where it moves to and from, and who has access to that data at each point. Think about it in terms of:
- Data at rest - data that is backed–up or not being accessed on a regular basis, stored on desktops, servers, backup media.
- Data in transit - data that’s moving across networks, to and from the Internet, over email or instant messaging, being carried back and forth on a laptop, USB drive, PDA, phone, or iPod.
Return to Top
Remember that your data will often by out of your sight and out of your control – in hotels, in taxis or airplanes, in your employees’ homes or cars, even being uploaded using a computer in an Internet café or a hotel business center.
GO TO THE FIRST LAYER