Tips for Preventing Data Breaches Cheat Sheet (DRAFT) by [deleted]

This is a draft cheat sheet. It is a work in progress and is not finished yet.


Data breaches continue to place millions of Americans at risk of identity theft and fraud. Almost 50 percent more breaches were reported in 2008 than the previous year, exposing the records of more than 35 million people, published reports say. More than a third of those breaches occurred at a business.

It's important that a business take steps to protect personal information. Here are tips to help safeguard your sensitive data.

Tips to safeguard sensitive data

Keep Only What You Need. Reduce the volume of information you collect and retain to only what is necessary. Minimize the places you store personal data. Know what you keep and where you keep it.
Safeguard Data. Lock physical records in a secure location. Restrict access to employees who need to retrieve private data. Conduct employee background checks and never give access to temporary employees or vendors.
Destroy Before Disposal. Cross-cut shred paper files before disposing of private information. Also destroy CDs, DVDs and other portable media. Deleting files or reformatting hard drives does not erase data. Instead, use software designed to permanently wipe the drive, or physically destroy it.
Update Procedures. Do not use Social Security numbers as employee ID or client account numbers. If you do so, develop another ID system now.
Train Employees. Establish a written policy about privacy and data security and communicate it to all employees. Educate them about what information is sensitive and their responsibilities to protect that data.
Control Use of Computers. Restrict employee use of computers to business. Don't permit use of file sharing peer-to-peer websites. Block access to inappropriate websites and prohibit use of unapproved software.
Secure All Computers. Implement password protection and require re-logon after a period of inactivity. Train employees to never leave laptops or PDAs unattended. Restrict tele-working to company-owned computers and require use of robust passwords that are changed regularly.
Keep Security Software Up-To-Date. Keep security patches for your computers up to date. Use firewalls, anti-virus and anti-spyware software; update virus and spyware definitions daily.
Encrypt Data Transmission. Mandate encryption of all data transmissions. Avoid using Wi-Fi networks; they may permit interception of data.
Manage Use of Portable Media. Portable media, such as DVDs, CDs and USB "flash drives," are more susceptible to loss or theft. Allow only encrypted data to be downloaded to portable storage devices.

Security Breaches