START WITH THE BASICS

1. Lock and Secure Sensitive Information Stored in Paper Files and on Removable Storage Devices
Theft or loss, and the subsequent unauthorized release, of sensitive data, or Personally Identifiable Information (PII) (e.g., social security number, credit/debit card information, medical records/charts), stored in paper files and/or a removable storage device (e.g., computer disk, thumb drive) may constitute a data breach. Never leave sensitive information unattended. Store it in a locked drawer, cabinet, safe or other secure container when not in use. Also consider installing an alarm system that alerts law enforcement if you have a break-in on your premises.

2. Restrict Access to Data
Restrict access to sensitive data, whether physical or electronic, to those who have a “need to know.” Most employees do not need unrestricted access to your company’s entire network. Remember to limit network access on computer stations located in public spaces, such as the reception area.

3. Properly Dispose of Sensitive Data When No Longer Needed or Required
Shred documents containing sensitive data prior to recycling. Remove all data from computers and electronic storage devices – including those on copy machines – prior to disposing of them.

4. Record and Regularly Review Data Practices
Distribute and explain data protection practices to all employees. Review and revise these practices on a regular basis – at least annually. Make sure to retrain staff as changes to your data practices are made.

STRENGTHEN YOUR TECHNOLOGY PRACTICES

5. Password Protect Systems
Password protection helps to prevent unauthorized access to sensitive information, protect security of personal information and prevent unauthorized access to user and email accounts. All users should be assigned unique user names and strong passwords for access to systems – changed at least quarterly. Conduct a password audit on a regular basis.

6. Encrypt Data
Encryption helps protect the security and privacy of files as they are transmitted or while on your computer. Install encryption onto all laptops, mobile devices, flash drives and back-up tapes, and encrypt emails that contain sensitive information.

7. Ensure That Remote Access to Your Network is Secure
Remote access to your network should be made through appropriately enabled Virtual Private Network (VPN) connections and multi-factor authentication (e.g., soft tokens or fingerprints in addition to passwords). Passwords should be changed on a regular schedule and meet minimum complexity and length requirements.

8. Keep Software and Operating Systems Current
Keeping your software and operating systems current by installing software and security updates is your first line of defense against hackers, who often take advantage of unprotected systems to gain access to sensitive data stored on a computer.

All Access Insurance
Rick Cline Agency
www.rickclineagency.com