You have conducted an information “census” to identify and locate the confidential information held by your company. Then you determined what you need to keep for business purposes. What’s next? According to “Start with Security,” it’s time to control access to your data sensibly by setting limits.
This is not a new concept. You have a lock on your door to prevent access to your business after hours, and people can’t just walk onto your factory floor. You can also protect your company’s proprietary secrets from being seen by unauthorized parties. That’s why you don’t post the recipe for your “secret sauce” on your website.
Do you exercise the same caution with sensitive customer or employee data? Not everyone on your staff needs unrestricted access to all the confidential information you maintain. A better approach is to put in place reasonable controls that allow access to employees who need it to do their jobs, while excluding others. It’s also wise to grant administrative access (the technical ability to make system-wide changes to the network or make certain changes to desktop computers, such as installing new software) to only a limited number of trusted employees. We’ve created a series of examples based on FTC settlements, closed investigations, and questions we hear from businesses to provide tips for wisely controlling data access.
Restrict access to sensitive data.
If employees do not need to use personal information for work, then they do not need to access the information. For confidential paperwork, sensible access controls can be as simple as a locked cabinet. For data on the web, individual user accounts that limit who can view sensitive files or databases are an effective option.
Example: Staff at an employment agency review personnel files that sometimes include Social Security numbers. The agency ensures that all employees have lockable desk drawers. Additionally, the agency has a “clean desk” policy that requires employees to secure all sensitive documents when they leave at the end of the day—a policy the company monitors through regular inspections. Because the agency takes steps to ensure that employees’ files containing personal information are encrypted, there is less chance of unauthorized persons accessing the data.
Example: Employees at a small company share a workstation. Staff responsible for payroll management have password-protected access to the employee information database. Shipping staff have password-protected access to the customer account database. By limiting access based on business needs, the company reduces the risk of unauthorized use.
Example: One company offers an application that allows users to create profiles containing personal medical information. The system allows all employees (IT staff, sales reps, HR staff, and support staff) to access customer data. By providing access to sensitive information to employees who did not need it to perform their duties, the company created a situation that could put highly confidential information at risk.
Restrict administrative access.
System administrators can change your network settings, and it’s critical that your staff have the authority to make the necessary changes. But just as banks give only a select few access to their central vaults, companies should limit administrative access accordingly. The risk is clear: An untrustworthy administrator – or too many employees with administrative rights – can undo the steps you’ve put in place to secure your system.
Example: A technology company uses the same login name for all employees. This login has administrative rights, enabling designated IT staff to make system-wide changes. But the company’s receptionists, sales associates, and summer interns also use the same login. A smarter approach is for the company to require a separate login for each employee, with only the permissions that employee needs to do their job.
The lesson for businesses is to limit who holds a “backroom pass” to confidential information. Limit access to sensitive data to those employees who need it to perform their duties.
Next article in the series: Require secure passwords and authentication.