I've helped others implement a number of mobile data projects during my career at Mi-Corporation. One of the questions that managers have is how can I be sure that my mission-critical data is safe? It's a very good question - the need for data security is obvious. Their data is critical to the mission of their organizations. Data compromises can lead to lost productivity, lost revenue and even lost jobs - impacting families and our economy. So how can one ensure their mission-critical data is safe?
As a secured "fortress" around a lively city, don't allow data intruders to easily invade via open passages, relaxed protections, or careless mistakes.
For starters, your "fortress" should be built using strong security standards. The Mi-Platform was built with strict security standards such as
- Data level security hashing - ensures data isn't tampered or altered
- Data storage uses encryption - ensures data can't be accessed without authentication
- User authentication - extensive measures in place to enforce a strict password policy
After selecting a secure mobile data solution, the next step is to ensure that everyone is taking advantage of the security features already offered by our software - it's there, so please use it.
Here are some easy security practices that should be adopted by any organization:
- Don't leave the key to your fortress in the door handle!
I've encountered situations where the administrative password with the default password is left unchanged. This could lead to large consequences and is easily addressed - update your passwords, especially for default accounts.
- Use secured tunnels in and out of your fortress!
It is vital that any services with critical data exchange use a secure data transport such as https with a valid SSL certificate. This ensures that third parties cannot compromise "in motion" data.
- Verify members at your borders!
In other words, use authentication and use it well. Applications, such as our Mi-Platform, use application level authentication with password restrictions for strength requirements and expiration durations. If employees leave the organization, be sure to follow through on account deactivations.
- Protect your assets!
Modern tablets and PC have hardware level data encryption capabilities, but *only* if users enable it (usually via a passcode on the device). Also ensure that your applications encrypt stored data. Our Mi-Platform already handles this for you.
Sometimes we ask the hard questions about security but never act on the easy steps to keep data secure. Following through on a few simple steps can greatly reduce your security risks.