Data Security and the Cloud
TABLE OF CONTENTS

EXECUTIVE SUMMARY
CHAPTER 1 DATA SECURITY: TOO IMPORTANT TO IGNORE
CHAPTER 2 HOW DOES THE CLOUD KEEP MY DATA SAFE?
CHAPTER 3 TAKE ADVANTAGE OF DATA CENTRES
CHAPTER 4 PROVIDE THE BEST DATA PROTECTION
CHAPTER 5 DATA SECURITY BEST PRACTICES
EXECUTIVE SUMMARY

Today, stories of major data breaches have dominated the media, from lost CDs containing 25 million child records from HM Revenue & Customs to hackers accessing 77 million customer records, including credit card information, through the Sony PlayStation Network. In this era of Big Data, financial and personal information becomes a target, with information sold to the highest bidder. Companies that fail to protect themselves lose money, customers and their reputation.

For all industries, data security is a critical component of business strategy and health. You must consider data security if any of your employees are physically connected to the Internet or other public data networks, regardless of the size and scope of your operations. Utilising the cloud to integrate the latest security technology is one way to ensure your business receives high-level data protection.

This ebook provides an overview of data security and best practices you can employ to keep your data safe.
CHAPTER 1 DATA SECURITY: TOO IMPORTANT TO IGNORE

Data security refers to protective digital privacy measures that are applied to prevent unauthorised access to information assets such as computers, databases and websites. With the proliferation of digital data, it's a top concern and priority for businesses of all sizes, in all industries.

Take into consideration these facts about data security:

- 87% of small businesses experienced a security breach last year [1]
- The average cost of the worst security breach for small organisations was between 35,000 and 65,000 [2]
- 250,000 laptops are stolen in the UK each year [3]

If a cyber attack or breach occurs at your business, consider the Data Protection Act and potential fines you could incur from the Information Commissioner (ICO). While financial loss can eventually be regained, loss of reputation and customer loyalty can be permanent. Four in 10 customers will consider leaving a company if their information is lost or stolen. [4]

As a trusted advisor, your client relationships go beyond just the risk management services you provide; your clients expect you to safeguard their personal information and privacy. You cannot afford to be unprotected.

[1] More Small Businesses Hit By Cyber Attacks. 23 April 2013.
[2] Ibid.
[3] Cloud Direct Blog. 19 November 2014.
[4] Data Breach: Is Your Business at Risk? Commercial Risk Insurance.
CHAPTER 2 HOW DOES THE CLOUD KEEP MY DATA SAFE?

At the most basic level, the cloud is a delivery mechanism for IT services over the Internet, allowing you to receive information technology such as applications, data and security as a service. Traditionally, many businesses, including insurance brokers, purchase hardware and software, and operate it themselves or with the help of an outside company. The cloud provides an alternative option, and represents a shift from the traditional way in which brokers view IT.

More and more companies are running some or all of their critical business applications in the cloud, and enabling clients to connect with them online. In almost all cases, client data is just as safe in the cloud as in in-house agency systems, or safer. In fact, most data breaches involve on-premises data centre environments.

So how does the cloud environment work? The cloud environment includes secure data centres that control computing operations. These remotely accessed centres are home to the servers that host software and process, store and protect data. Data and applications remain centralised in the data centre facility while users operate in a virtual atmosphere through a wired or wireless Internet connection. With the cloud, there is no longer a need to store or back up data to removable media such as flash drives or CDs that can be lost or stolen.

In an online environment, information can be accessed on a laptop, tablet computer or smartphone anytime, anywhere an Internet connection is available. Users have more access through more devices in more locations. This kind of 24/7 on-demand service is a central component and provides a significant advantage.
CHAPTER 3 TAKE ADVANTAGE OF DATA CENTRES

Most insurance brokers do not have the resources, expertise, time or money to match what data centres provide. Besides providing data security, data centres themselves are physically secure sites, staffed 24/7 with additional monitoring through video surveillance. These strict security standards require levels of redundancy and other measures that cannot be duplicated in typical offices.

"In addition to the increased efficiencies and data protection that Applied TAMOnline delivers, we're becoming more productive with remote access to the system."
STEPHEN VALE, Branch Manager, Cleddau Insurance Limited
When choosing a data centre option, be sure it measures up to these standards:

- 99.9% uptime
- Tier 3+ facility, as defined by the Uptime Institute
- AES-256 data-at-rest encryption (DARE)
- 128-bit, bi-directional, packet-level encryption
- Regular auditing against SSAE16 SOC 2 standards
- Automatic antivirus and software updates
- Site redundancy for backup
- Built-in firewall and intrusion prevention system
- Nightly backups
- Automatic download of broker data

Maintaining critical business information in a secure data centre provides an extra layer of data protection. In addition, your business benefits from implementing more efficient data management and data access processes. Often, with a cloud-based system, applications and supporting software update automatically, so your business continually runs the latest software versions without incurring delays or extra expenses that may be required for manual updates.
CHAPTER 4 PROVIDE THE BEST DATA PROTECTION

For insurance brokers, one of your most valuable assets is your client data. When physical damage occurs affecting your business and clients in the area, you must respond. Servers and tapes can be damaged, but in the cloud, the data is safe and accessible.

Consider data security as part of your business continuity plan. Any number of problems can compromise business data, from theft of sensitive customer information, to natural disasters and cyber attacks. Online solutions can assist in mitigating risks and keeping your business up and running should your business operations be interrupted.

Physical and electronic security deliver data protection beyond what any individual company can offer, as well as providing minimal downtime due to scheduled upgrades. If your company's internal computers or offices become inaccessible, online solutions are readily available from any secure Internet connection.
CHAPTER 5 DATA SECURITY BEST PRACTICES

There are a number of precautions you can take to ensure better data security. Your business cannot afford to take chances with security. If your company's data is lost, the cost to recover or recreate it can be insurmountable. When developing a data security plan, remember these best practices.

- Encrypt your data
  Encrypting data helps to prevent the accidental loss of sensitive or protected information, including data classified as personally identifiable information (PII). A Secure Sockets Layer (SSL) certificate is also important to secure your site, encrypting the communication between the user and the website. For secure remote access, you should also set up virtual private network (VPN) security measures to standardize security software across your business.

- Use network-based security hardware and software
  Use firewalls, gateway antivirus, intrusion detection devices, honeypots and monitoring to screen for denial-of-service (DoS) attacks, virus signatures, unauthorised intrusion, port scans, and other over-the-network attacks and attempts at security breaches.
- Protect outbound data
  Transport Layer Security (TLS) email encryption should be used for outbound emails, especially when emailing sensitive information. Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. Consider creating a DLP strategy for your business.

- Secure your technology against viruses and malware
  It is important to run antivirus software on your computing assets, such as desktops, laptops and tablets. Programs can be run at regular intervals to scan for viruses. It's critical to continue to patch your operating systems and all third-party software, as well as keep your antivirus software up to date.

- Vulnerability management
  Periodic vulnerability assessments evaluate the effectiveness of security control solutions. You should conduct periodic vulnerability assessments of critical systems, those systems exposed on the Internet, or as determined by legal, regulatory or compliance requirements. This includes running internal and external vulnerability scans often.

- Educate your users
  It is essential to create a culture of security and ensure all employees are aware of the data security plan. Encourage them to create strong passwords that are frequently changed. Staff should remember to always lock or log out of the system when away from their computer and be careful when selecting unauthorised Wi-Fi networks.

Data security should be a part of every business strategy and technology program. By following these best practices, you are taking steps to safeguard your data and your business reputation.

Learn more about the cloud and data security and discover how Applied can be your data security partner.
CONTRIBUTORS

This ebook was prepared by Applied Systems, Inc.

About Applied Systems

Applied Systems is a leading provider of software that powers the business of insurance. Applied is recognized as a pioneer in agency and brokerage management systems and data exchange between agencies, brokers, carriers and their clients. Automating the insurance lifecycle for more than 140,000 insurance professionals, 12,000 agencies and brokerages, and 350 carriers worldwide, Applied enables millions of people around the world to safeguard and protect what matters most.

© 2015 Applied Systems, Inc. All rights reserved.

This document is provided for information purposes only. It is intended to give timely, but general, information on the subject matter covered herein, and the contents of this document are subject to change without notice. Prior results and case studies mentioned in this document do not guarantee a similar outcome on any particular situation in the future. You should consult with an attorney or other professional service provider with respect to how the matters discussed herein affect and relate to your own business affairs. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether express or implied. Applied Systems and its affiliates specifically disclaim any liability with respect to this document and no contractual obligations are formed either directly or indirectly by this document. Any statements made herein are not a commitment to deliver any material, code or functionality, and should not be relied upon in making purchasing decisions, except as provided for in a separate software license agreement. The development, release, timing and availability of any products, features or functionality described herein remain at the sole discretion of Applied Systems and its affiliates.
All other names of products and published works identified herein may be the trademarks or otherwise proprietary material of their respective owner.
Applied Systems UK
Invicta House
Trafalgar Place
Brighton BN1 4FR
+44 (0) 1273 852000
For more information visit appliedsystems.co.uk
Copyright 2015 Applied Systems