It’s Ok To Be Sensitive, Our Data Sure Is 

It’s true, we all have a sensitive side. Especially when we’re talking about data. Believe us when we say, every organization needs data security. Whether you operate a manufacturing business, law firm, dental practice, or hair salon, you have confidential information hackers would love to get their hands on.

What exactly is “sensitive” data?

Credit card data and social security numbers are obvious examples. And every business has some mix of the following:

  • Customer information
  • Employee records
  • Legal documents
  • Login credentials
  • Financial data

There’s of course a lot more than that. For some, it is obvious, like a healthcare provider facing HIPAA compliance maintaining medical records and storing personally identifiable information (PII). For others, it may not be so clear. Data can come in all forms, like system designs, business processes, or other intellectual property.

So how do you determine if you need better data security?

Simple, try this data-sensitivity spot test: Ask yourself and your team this question, “Is this information something we’d like posted on a website that everyone can look at?” If the answer is No, then it’s safe to consider sensitive and should be protected. Yes, it can be that easy! Let’s give it a try, a couple of basic examples:

  • Your sales team has brochures outlining your products and services. They are handed out at trade shows and to prospects every day. Would you care if these were posted online somewhere for the whole world to see? Of course not, in fact they might be posted on your website already. No additional security controls required…NOT SENSITIVE!
  • You have a spreadsheet detailing customer names, decision makers, and purchases. Would you care if it was posted online somewhere for the whole world to see? Of course, for legal purposes and you surely wouldn’t want it in the hands of your competitors. Better make sure that spreadsheet is stored very safely and with proper access levels…DEFINITELY SENSITIVE!

Some other examples that you may not have considered:

  • Engineering drawings (e.g. facilities, network designs, device schematics)
  • HR records (e.g. employee reviews)
  • Company presentations and projections
  • Annual strategic plans
  • Purchase and sale agreements
  • Proprietary manufacturing processes
  • Building management device layouts (e.g. security systems, IT systems)
  • Recipes (e.g. food manufacturing, restaurants)
  • Price lists and pricing calculators

These are just a few to think about, the list varies with every business depending on industry, size, location, customer types, etc.

Defining where your business has sensitive data and how it is protected is vitally important.

Data is everywhere. It can help to try thinking about it through the key layers of cybersecurity:

  • Framework: Develop policies and incident response plans that protect the data. Conduct testing (e.g. ethical hacking) to ensure that the data is properly protected from an attack.
  • Culture: Educate and train your team on what data is sensitive and how to protect it from exposure to fraudsters and cybercriminals.
  • Technology: Deploy technologies that protect the data in transit (e.g. secure email), at rest/when stored (e.g. encryption), and from accidental loss or malicious leakage (data loss prevention or DLP).

When it comes to sensitive data, it’s good to have thick skin—we recommend multiple layers.

Stay Safe,

Your Friends @ Defendify

Resources & insights

Why You Could Be Denied Cyberattack Insurance Coverage
Blog
Why You Could Be Denied Cyberattack Insurance Coverage
As you’re working toward achieving robust cybersecurity, the subject of cyber attack insurance coverage is sure to enter the discussion. Maybe you’ve already delved into this topic, as cyber insurance has become an essential cornerstone of every information security program. Many overriding factors will affect your ability to obtain and retain the coverage you need at a reasonable rate—and a successful approach is tied closely to a comprehensive cybersecurity posture.
Cost of a Cyberattack vs. Cybersecurity Investment
Blog
Cost of a Cyberattack vs. Cybersecurity Investment 
Detailing the cost of a cyberattack versus the ROI of a cybersecurity investment enables leadership to see cybersecurity solutions are worth it.
Defendify Listed as a High Performer in Six G2 Grid Categories
Blog
Defendify Listed as a High Performer in Six G2 Grid Categories
The Defendify Cybersecurity Platform has been listed as a High Performer in six Summer 2022 Data Security Software Category Reports on the technology review site G2.

Protect and defend with multiple layers of cybersecurity

Faster. Smarter. Stronger.

Explore layered
security

Learn more about Defendify’s three key layers and All-In-One cybersecurity.

How can we help?

Schedule time to talk to a cybersecurity expert to discuss your needs.

See how it works

See how Defendify’s platform, modules, and expertise work to improve security posture.