Data security should always be a priority within any business, large or small, and with the rapid adoption of cloud systems more and more business data is online or hosted within data centres.
At Ardento we are cloud software evangelists and 90% of our products and services are focused on cloud technologies. Ease of access and mobility being a huge positive for cloud software solutions and from a security architecture point of view, cloud system are likely to be much more secure than traditional on premise solutions and databases. This is mainly due to the fact that leading cloud software systems are hosted from very secure data centres with various disaster recovery or cyber security protocols in place.
However there is one very simple and often overlooked security measure that is between the billions of internet users and your cloud software data, the humble ‘password’.
If password authentication is your only method of authentication and your password is weak, then this could pose a potential security risk for you, your business and the data within.
So considering this, if data security has not been a focus or concern up until this point, there is now one very good reason it should be in 2018.
Effective from 22nd of February 2018 the Australian government will implement the Notifiable Data Breach (NDB) scheme.
What is the NDB scheme? In short, the NDB scheme legally requires businesses to notify any individuals likely to be at risk of serious harm by a data breach. A data breach can occur in a variety of ways, from physical hardware being lost or stolen E.g an employee laptop. Or it could be a larger and more complex breach such as a cyber attack.
It is important to understand that it the responsibility of each business to personally notify any individuals that may be affected by the breach as well as the Australian Information Commissioner.
The easiest way to avoid the headache of a data breach is to ensure all reasonable measures are taken to secure your systems and the data within.
Here a few a steps that can be taken –
- Ensure you have strong passwords for all systems, especially externally accessible cloud systems.
- Implement password complexity policies where possible.
- Implement Multi-factor Authentication (MFA), such as SMS codes or additional mobile logins.
- For physical and on premise networks, ensure you consult with IT infrastructure experts and have the approach, firewalls, antivirus/malware and intrusion protection systems.
You can read more in depth information about the Notifiable Data Breach Scheme at the following links