7 tips for storing confidential data

Loss or leaks of sensitive information can be serious problems for small businesses. Here’s how to keep confidential data safe.

7 tips for storing confidential data

There’s no such thing as a business that doesn’t have sensitive data. Even a small retail company has documents with employees’ personal details that legally must remain confidential, for example. Bank documents would be hard to restore. Supplier and contractor contracts could include trade secrets.

To protect important data from loss or inappropriate disclosure, follow these seven tips.

1. Enable full disk encryption on all devices

On devices where confidential data is stored or transmitted (i.e., most of them), be sure to enable full disk encryption (FDE). Encryption protects the data in case the device falls into the wrong hands. In Windows, the FDE tool is called BitLocker. The macOS equivalent is FileVault. FDE is enabled by default on most iOS and Android phones; don’t disable it unless absolutely necessary.

2. Restrict confidential data to the office

Another way important data can fall into the wrong hands is through the loss (or theft) of physical media: external hard disks or flash drives. Ideally, they should never leave the office. In fact, if you must write to an external medium, you should encrypt the data beforehand. For example, many security solutions for small businesses support encrypted storage in the form of cryptocontainers.

3. Don’t transfer unencrypted data over the Internet

Sometimes you might need to send confidential data online, by e-mail or a file-sharing service. We strongly recommend avoiding it whenever possible, but if you absolutely have to send information, at least encrypt it first, in case of interception. The easiest way is to create a password-protected archive. Almost all archive utilities have this option. After you encrypt the information, send the password to the recipient through a different channel — for example, attach the information to an e-mail, but send the password through a messaging app that supports end-to-end encryption.

4. Delete sensitive data you no longer need

Even information that’s fallen out of use can still cause problems, so get rid of it. For less-sensitive information, at the very least, delete it and then empty your Recycle Bin so the data can’t be restored with a simple click. For anything even vaguely sensitive, use a file-shredder utility to prevent recovery.

5. Encrypt backups

Backups are crucial, but they can also be a source of leaks. That’s why, before creating backups of confidential data, you should place them in a cryptocontainer.

6. Store more than one copy

Store your data in several places isolated from each other. For example, you might keep one copy of a file on your computer and another on an external drive or in reliable cloud storage. Again, don’t forget to encrypt the files beforehand (or follow all other advice here).

7. Secure archive and cryptocontainer passwords

Losing the password for an archive containing important business data means losing that data. Store passwords in a purpose-built application such as our application for creating and securely storing complex passwords. In addition to its password management utility, our security solution for SMBs also features tools for creating cryptocontainers and automating data backup processes. Naturally, it also protects computers and smartphones from malware, whose tasks can include rooting out company secrets.