The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/411912
WWW.ILTANET.ORG 15 the more frequently accessed, lower- priority data. Technology assets used for daily tasks, such as managing email, conducting online conferences and accessing the Internet, should be housed in an area of your network away from where sensitive data are stored. When possible, segment your network logically or, for extremely important information, physically, to further lessen the risk of an intruder successfully reaching your most critical information. In all cases, restrict login permissions for sensitive areas to only those employees who require them. Review any system connections and data entrusted to vendors; ensure their access is limited to only the information or systems they need. Put in place contractual requirements for security measures, and specify what measures must be taken if the Don't let costs scare you off. Effective security measures do not need to be expensive or burdensome. There are many open-source security tools, and consultants are available to provide specialized expertise on an as- needed or on-demand schedule. Several security products are tailored for businesses of all sizes. Pricing is often based on the size of the company or the number of devices, so budget-friendly options are available for small firms. Many of the most effective security measures require little investment; such measures include employee awareness training and incident response planning. Assess your data assets and prioritize security needs. Not all data require robust protection. To ensure security measures are applied where they're needed, begin by conducting an inventory of the data your firm holds: • What sensitive or confidential information do you have? • Where is it located? • Who has access? • How is it protected? In addition, identify any data that could fall under state or federal regulatory mandates or which have contractual security obligations. Once you have a good understanding of your network and data topologies, you can identify which data assets require the most protection. Focus on securing sensitive and confidential information rather than taking on the herculean (and impossible) task of securing all information. A good data protection program has layers, with less sensitive data secured behind fewer layers and the most sensitive information assets safeguarded more tightly. Segregate sensitive data from daily and operational information. One inexpensive but effective way to increase security around important data is to separate that data set from Are you ready to tighten security? Use these five tips to protect your data and thwart cyber thieves: