Keeping Your Data Safe

1. The Data You Hold

The amount of time and money you spend safeguarding your data will depend on how vital it is to your business and how likely you are to suffer data loss. To assess the risks, you need to know what data you store and use in your company.

1.1 Establish what data you store in your business.

• Many businesses store information across multiple systems and in different locations.
• Think about data held centrally as well as information stored on staff computers, disks, tapes, memory sticks and online.
• Build up the most comprehensive list of business possible.Make sure you record where data is stored.
• Remember to include information stored outside of your business.For instance, your website is probably held on a server owned by a third-party hosting company.

1.2 Examine how valuable this data is.

• Mission critical data is vital.If lost, it can seriously damage your business. You will want to give most protection to this data.
• Customer records and accounting data can be mission critical.
• Mission critical data may also include employee records and valuable market intelligence.
• Some data is less important.For example, losing your email archive may be inconvenient, but will not seriously threaten the health of your business.

1.3 Look at how you use this data.

• Consider who has access to the data and how often it is used or changed.
• Some data may be in constant use by many employees.For instance, your customer database.
• Other data, like staff records, may be accessed infrequently by only one or two employees.
• Think about how data is transferred.Is it sent by email, or put onto disks and posted?

1.4 Use all this information to build up a comprehensive list of data stored in your business.

• For each type of data, you should know where it is stored, how often it is accessed, and who uses it.
• You can use this list to pinpoint risks in the way your business handles data.