January 05, 2019  —  Acronis

How to protect sensitive information

Acronis Cyber Protect
formerly Acronis Cyber Backup
Other languages available: Español (Spain)

In the era of new technologies, we store more and more information, and we do so in more diverse places and devices. Information theft has always been a criminal practice, and now in the digital age, it continues to be so in an active manner. You need to know how to protect all that sensitive information, both from a private individual and from a large or small company, all information is attractive to cybercriminals. Do you know how to protect it effectively?

What is considered sensitive information

Companies and businesses have a lot of information that is considered sensitive, such as particular company data, economic and banking data, strategic data, customer data (this data is also affected by the new data protection act), data of suppliers and vendors, employee data, etc. For an individual, sensitive data is all the data that matters to him/her, emails, documents, photos, images, etc.

Data thieves want all that information, either to ransom it or sell it for financial gain, or for personal or professional gain.

All that information is stored in very different places, from physical servers to virtual servers, data in the cloud, and in all the devices that are handled today such as laptops, desktops, tablets, smartphones, hard drives, pencil USB, external drives, NACs, etc.

How to protect sensitive information

Think like a cybercriminal

If you were a hacker, how would you attack to get the information you want so desperately? Putting yourself in the role of a cybercriminal can give you clues about the weaknesses that we have as individuals or as a business and how we leave the door open for that information to be lost easily.

Putting yourself in the mind of a cybercriminal allows us to detect points of improvement and opportunities to protect company and personal data appropriately. That is why it is not about becoming one of them, but thinking like them to see how they access and take advantage of it. How can your data and information systems be accessed? You can definitely get a list in every possible way:

  1. Passwords. Are the passwords that we use secure? Are they updated frequently?
  2. Do they protect access to information in any way? That is, do you need to identify yourself to access or are they in the public domain? Sometimes we do not realize that interesting data has been left for everyone to see.
  3. Are you protecting yourself from a possible attack? Ask yourself if you have any barriers preventing malware or ransomware from accessing your data. Do you keep those measures up to date?
  4. Is there a back door? Sometimes, there are other ways to access information that we do not use but are aware they exist. The time has come to protect all the doors.
  5. Is your network accessible without much complication? That is not good.
  6. Do my employees and I know the importance of information? It is important not to share it with anyone who may be a thief. Are there procedures for action and protocols to protect this data?

There are many more ways, these are just a few examples. If you have already detected a vulnerable point, then you have to protect yourself immediately.

Security strategy

Yes, you have to design a strategy to be able to protect all the information you have and that will should be updated daily. Where to start from?

Data is protected in various ways. On the one hand, it is convenient to encrypt them, so that they are not available without further ado. On the other hand, you have to protect them with passwords. In addition, they must be stored in safe places, and use them with caution. In case of disaster, having a backup of sensitive information can save you from great trouble.

A good strategy is to have good, sufficient, and precise tools that control not only the access to data, but also leave a trace of who does it.

The strategy has several parts:

  1. Prevent the attack: With good virus detection programs, malware attacks, and by educating everyone who accesses the information, so that they know how to protect themselves and save everything with passwords. Defining user profiles that can do one thing or another is highly recommended by experts, creating security policies and action protocols known to all employees and to oneself. That is the best way to prevent.
  2. Protect information: With data encryption, use of secure and updated passwords, and having a good updated backup of the data. We will thus prevent them from accessing the information and, in case that happens, at least, we would not lose information when having a backup. Use advanced technology for effective protection.
  3. Taking action in the event of an attack: Restoring data quickly and effectively comes first, so that we can continue our business and not harm our customers, or so we can simply know that we have not lost any memories or anything important. We will restore the system, database, email, general data, and everything we had in the backup, so, needless to say, the more complete the backup and the more recent, the better the restoration of the information will be and less damage will be suffered.
Data encryption

Data encryption

Data encryption is a technique that allows us to protect our data. It consists of storing the information in a way that is not visible to the naked eye, unless the password or the algorithm that encrypts them is known. The encryption is done thanks to the software, and here it should be noted that, the better it is, the more protected our data will be, since the algorithm will be more complex and difficult for a hacker to decipher. Beware of free encryption programs that have access to our data and to which we give them rights simply by using it.

Data encryption allows us to maintain 100% data privacy, even in the event of theft or loss, which can happen simply by losing a mobile phone, tablet, or laptop. Encrypted data looks like a string of characters where letters, numbers, signs, and symbols are meaninglessly jumbled. An important tip: Never forget the encryption password, or this encryption will be your worst enemy.

Data encryption allows us to maintain 100% data privacy, even in the event of theft or loss, which can happen simply by losing a mobile phone, tablet, or laptop. Encrypted data looks like a string of characters where letters, numbers, signs, and symbols are meaninglessly jumbled. An important tip: Never forget the encryption password, or this encryption will be your worst enemy.

There are two types of encryption:

  • Symmetric encryption: Consists of a password that serves both to encrypt and decrypt. This can cause problems if the sender and receiver of the encrypted document communicate the password in an insecure medium. It is a faster method.
  • Asymmetric encryption: Has a password to encrypt, and another to decrypt. The first is public, the second private. It is a safer method.

Having a backup

If we have a backup, we will have our backs covered, both in case of data theft and in case we forget the encryption password. How do we backup and what data? The more data we store in the backup, the more complete the restoration will be. Nowadays, the space to store the backup is not a problem, since the backup can be saved in the cloud, or on external devices that allow us to store a lot of information both for individuals and companies.

Trusting a large company can avoid many troubles, and especially having the assurance that the backup made is good, and will not cause problems when restoring the information. Acronis provides all the guarantees to perform a reliable, fast backup with a complete and assured restoration. Your Acronis Backup software is really worth it, because it is more than a complete backup solution, whether for individuals, SMBs, or large companies.

Backups can be scheduled and, that way, the forgetting factor will not participate causing us to lose data by forgetting to do a periodic backup. It is recommended to do backups as often as necessary, that is, there will be times when it must be done on a daily basis and, in other cases, on a monthly basis, for example.

Backups can be sequential or incremental, so that we can always configure our backup to our needs, choosing the frequency to do them, the type of backup, and the folders, files, documents, databases, etc. that we want to keep safe, which will normally be sensitive and important data.

Things to remember

Remember to encrypt your data, computer, tablet, and smartphone to increase the security of your data and protect it.

Use strong passwords and update them frequently. Don't use the same password for everything, unleash your creativity!

Schedule and do the necessary backups so that, if you suffer an attack from a hacker or lose your device, or simply lose your data by mistake or accident, you can recover it and not suffer the consequences of not having been proactive.

Protect your sensitive data, both personal and professional. Avoid any inconvenience. 

About Acronis

A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.