Best Practices to Protect Your Data

The Cyber Security Sphere - Best Practices to Protect Your Business Data

What business owners consider to be valuable assets will vary from one business owner to another  but when all is said and done - it's all data.

You may consider the privacy of your assets to be an asset in itself; as this may relate to your identity and anonymity. Maybe you don’t want some things associated with your identity. This could be anything from your browser history, what you download or something you share on social media.

What you consider to be assets are individual to you and your business.

However, many if not all of us share most of the following common denominators:

Your valuable assets may consist of:

  • Your Identity; Your Privacy; Your Anonymity; Your Content; Your Files; Your Accounts; Your Financial Details; Your Email; Mobile & Online Activity; Your Geo Location

Your privacy. Your anonymity. Your files. It's all data at the end of the day.

What security controls should you choose?

We consider it best practice to apply security through various security controls to protect what you value. This means you really need to understand completely to what degree your security and IT infrastructure services are resisitant to threats from those who pose them.

We select security controls based on the types of threats and adversaries we face.

There a many security controls to choose from such as:

  • Tor, VPN, JonDonym, Opsec, Encryption, 2FA, Patching, HTTP filter, Firewall, OpenPGP, SSL/TLS, HTTPS, SSH

 

The biggest threats to your data

Threats are the unsavoury dangers to your data that can materialise in the cyber landscape such as:

  • Vishing, Phishing, Spying, Adware, Spyware, Rootkits, RATS, Viruses, Malware, Mass Surveillance, Regulating Encryption, Exploit Kits, Legalized Spying, Backdoors

 

Who is posing these threats?

Threats must be manifested and enabled by an appropriate agent for them to be realised. The people who enable threats to your assets could be:

  • Spies, Nation-States, Hackers, Hacker Groups, Crackers, Colleagues, Oppressive Regimes, Cyber Criminals, Law Enforcement, Ex-Partner (if you’re unlucky!), and Governments

 

Our engineers define risk by the probability of a possible threat exploiting vulnerabilities in both your systems and security controls plus the potential consequences of a threat materialising. There is risk to your business data so as long as a cyber criminal considers business data to be valuable. 

For all of us in the digital era - our privacy, identity and anonymity are all under the same umbrella of what it is that whets a hackers' appetite.

Those who pose the threats are your enemy. You protect yourself by thinking of them as the enemy.

Understanding the threat landscape you face is knowing your enemy.

Click to calculate to what degree your business is at risk based off assets you consider valuable.

Huw Tremlett

Data Management Consultant

Huw Tremlett