4 Steps to Protect Your Offline Data

When corporate data breaches make news, the story usually involves information that is accessible online. Hackers engage in various tactics to get past internet security protocols to steal and exploit personal and financial information or to take over websites for the purpose of holding them hostage.

It’s important that companies have safeguards to prevent this, but there’s another issue that’s often ignored. Offline data is also at risk.

What Is Offline Data?

Offline data is any information that’s stored electronically but isn’t accessible via the internet. This includes:

• Data on laptops or computers that aren’t currently connected to the internet
• Data stored on hard drives that aren’t installed in computers
• Information on tape backups
• SD card data
• Other external storage media devices

Keep in mind that even when data is not accessible over a network, breaches can still happen offline.  In fact, closed investigations data from the Office for Civil Rights (OCR) showed about 12 %  of breaches were due to Improper Disposal, Loss, and Theft.

Keeping Your Data Safe

Fortunately, there are ways to keep your offline data safe.

1. Provide Employee Training

Most offline attacks happen due to employee action or inaction. A worker might turn their back on a device for a few moments and have it stolen. Another might be convinced that a “delivery person” should be allowed into a restricted area.

The first example shows how a moment of negligence can lead to the theft of data. The second is an example of social engineering.

The best way to avoid both situations is to implement strong policies around devices and data, then offer training to back that up. Ideally, this training will be repeated from time to time and updated as hackers come up with new techniques.

2. Control Physical Access to Devices and Hardware

All devices and hardware should be kept secure when not in use. Any rooms inside a business that will hold devices or hardware should be secured with a high-quality lock and alarm. Portable devices should be left at work unless absolutely necessary. Workers who do take devices home can be discouraged from leaving them unsupervised or using them in public spaces.

Also, consider disabling USB and other ports to prevent anyone from physically connecting to the devices. Some organizations make it a policy to tell employees that they can’t use USB drives.

3. Maintain Secure Backups

If your offline data is backed up and stored in a secure location, you remove the ability of thieves to hold that data hostage. Additionally, if a stolen device is ever brought online, there may be steps you can take to wipe it clean.

4. Destroy Old Data

The less data you store, the lower your risk. This includes both online and offline information. Any data that’s outdated or no longer needed should be properly shredded or wiped from the media it’s stored on.

SEAM in Sioux Falls is certified to prevent data breaches with convenient data destruction and sanitization services. We work with businesses in North Dakota and South Dakota to properly shred hard drives and storage devices as well as and wipe data from any device you wish to resell. Contact us for a free quote.