There are a few things you can do. These tips will help protect the information you need to share:
Post your sensitive information on a part of your site that requires viewers to log in, like a membership or employee-only area. You can create additional security by making it difficult to log in. For instance, usernames cannot be the user’s actual name or email address, but must be something they create. The same goes for passcodes: require a variety of different characters, like upper- and lower-case letters, numbers, and symbols, and do not allow passcodes that include the user’s name. The harder it is to log in, the harder it will be for a hacker to access the information.
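The sign-up rules described above can be enforced in code rather than left to the user. The following is an added example, not code from the original post; the function names, messages, and the sample account are hypothetical and constructed for illustration.

```python
import re

# Character classes the tip asks for in a passcode.
CLASSES = {
    "upper-case letter": r"[A-Z]",
    "lower-case letter": r"[a-z]",
    "number": r"[0-9]",
    "symbol": r"[^A-Za-z0-9\s]",
}

def _squash(text):
    """Lower-case and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def _name_tokens(full_name, email):
    """Name parts and e-mail local part (3+ characters), lower-cased."""
    local = email.lower().split("@", 1)[0]
    parts = re.split(r"[^a-z0-9]+", full_name.lower() + " " + local)
    return {p for p in parts + [local] if len(p) >= 3}

def check_credentials(full_name, email, username, password):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    tokens = _name_tokens(full_name, email)
    uname = username.lower()
    same_as_name = bool(_squash(full_name)) and _squash(uname) == _squash(full_name)
    if uname == email.lower() or same_as_name or uname in tokens:
        problems.append("username is the user's real name or e-mail address")
    for label, pattern in CLASSES.items():
        if not re.search(pattern, password):
            problems.append(f"password is missing a character class: {label}")
    if any(tok in password.lower() for tok in tokens):
        problems.append("password contains the user's name")
    return problems

if __name__ == "__main__":
    # Constructed sample account, not real data.
    who = ("Jordan Avery", "jordan.avery@example.com")
    for user, pw in [("JordanAvery", "avery"), ("teal-otter-42", "Qv7#mLr2!xTz")]:
        print(user, check_credentials(*who, user, pw) or "accepted")
```

The name check is a plain substring match, so it will not catch substitutions such as a zero for the letter "o".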
Classify the various pieces of information based on sensitivity. Restricted data is the most sensitive: it is shared on a need-to-know basis only and requires additional steps and logins to access. Confidential or private data is moderately risky to the company if accessed by someone outside. Access to this data should be internal only, limited to the company or department that deals with that data. Public data is the non-sensitive data you can freely share on your website. This data does not need to be controlled.
Encrypting your data before it is shared over untrusted networks will help to protect it. Use encrypted email or file storage to manage your data and protect it correctly. Having an encryption policy within your company will help employees know what is safe to share and what is confidential.
While the Cloud is all the rage, storing data in the Cloud is essentially the same thing as storing it on someone else’s computer, and that makes it vulnerable to sabotage. Once your data is loaded into the Cloud, you no longer have full control over it or its protection. If you need to store sensitive or classified information, make sure you encrypt it before uploading. It’s also important that you understand the Cloud provider’s policies on backup. Find out who has access to your data, and how the provider communicates a breach if there is one.
Your system can be threatened both internally and externally, so you need to protect it from both. Put systems in place to check for threats regularly, at least daily or twice daily, to keep your information safe. The sooner you’re aware of a threat or hack, the sooner you will be able to block information from being sent or accessed. Software is a good option, but a manual check by an onsite tech security person is best.
Keeping your data safe can be challenging, to say the least, and no matter how many precautions you take there is no guarantee that your information will remain secure. But taking certain measures to help protect your data will not only make it harder for hackers to attack; it will also alert you to a problem sooner.
Learn more about how to “Keep It a Secret”. I discussed sensitive and classified information in a previous post, Shhhhh! Keep It Secret. In my book, 52 Tips To Turn Your Website Into A Sales Machine, I talk about putting sensitive or classified information on your site in Tip #29.