How to Stay Compliant with Strong Security
Learn security measures you can take to help your business meet
regulations and stay compliant.
Regulatory mandates require compliance. Here are some security measures
you can take to help your business meet regulations and stay compliant:
Establish Information Security: Information is an important asset for any
business. Many regulations require businesses to show what controls
are in place to ensure proper management practices. It's important
to establish policies for how information--including customer data,
client records, and confidential information--is handled. Protecting
confidential information and financial and accounting records is
also important. You should consider using password protection for
important documents and files, as well as monitoring user access
logs, especially if questions arise at a later time regarding any
unexpected changes to information or data theft.
Maintain Integrity:
Data integrity is an important part of many regulations. One way
to maintain integrity involves storing original versions of
important documents and data for auditing purposes. You should also
maintain an access log so that you will know what changes were made,
when, and by whom.
Restrict Access and Protect Data: Limit access to confidential information or data
that is private by enforcing policies and creating IT controls such
as password protection and authentication. Data protection is an
integral part of adherence to government regulations. Stolen data
raises red flags, and offending businesses often have to pay
substantial amounts in compensation to the victims of data loss or
theft. In addition, there is also the cost of reclaiming lost
business since customers who are wary of data breaches may choose to
switch to other businesses that they believe have better security
practices.
Back up Files:
Aside from data theft, data can be lost because of inadvertent
actions or unforeseen natural disasters. Therefore, it is important
to back up critical information. A disk-based backup solution is one
option that requires little effort after initial setup. You can
maintain backup files on a server offsite as extra protection should
any physical damage occur to the business. By backing up
information, you can have access to important records at any time,
and government authorities or financial agencies will be able to
access this information quickly and easily should the need arise.
Install Antivirus, Firewalls, and More: You should install antivirus protection on
all of your computing machines to protect against viruses and other
malicious code. You should also install firewalls on your network
and desktop machines to prevent hackers and unauthorized users from
gaining access to information stored on your servers and desktop
computers. Depending on the type of business you operate, you may
consider compliance software to measure, track, and report
compliance with security standards.
from Symantec