If you have a business, whether it is large or small, you should be concerned about the security of your files. Take a moment to think about what types of information is stored on your computer and what could happen if the information falls into the wrong hands.
In many cases a loss of personal client information could result in reduced business for your company as clients are uncomfortable with the fact that their personal data wasn’t properly protected. Or plans for a marketing campaign / new product could fall into a competitor’s hands. This happens all the time, and in circumstances it would have only taken a few simple steps to protect the company and its data.
Before you implement a blanket password protect policy, take time to analyze the data on your computer or network and who has access to it. For example, if you have an accounting department then they are the only ones who should have access to files containing financial information. The same goes for management, HR, etc. Your system administrator should be able to set up folders for each department and grant access on a per user basis.
While this measure protects persons within your firm from accessing certain files, it does nothing to protect from an external source gaining entry into sensitive documents. You should decide on a simple policy to protect documents from falling into the wrong hands. An example of a policy that everyone can agree on is that if a document contains sensitive material or personal information it should be password protected.
There are a few issues with this policy, or any policy that involves employee’s password protecting their own documents. For one, how do you keep track of each document’s password, and what do you do if an employees leaves your company?
There are a few ways to handle these, all have their individual pros and cons so let’s explore:
Scenario 1 – Everyone uses the same password for all documents
On the surface this seems like an easy solution, everyone can access the documents they want quickly and no one needs to remember a variety of passwords. On the flipside, when an employee leaves they essentially could access every file on your system, unless your System Admin person goes in and changes all the passwords, something he or she may not like you very much for.
Scenario 2 – Everyone sets their own password on each document
In this situation if someone leaves you only have their files to worry about, but on the other hand it may be difficult to gain access to the files you need if he or she doesn’t record the password anywhere or forgets it. You could have everyone store their password in a central place, but they that defeats the purpose if they can all see each other’s passwords.
Scenario 3 – Departmental passwords
This seems like the most hassle-free scenario. Each department is given their own password to use to protect documents. If an employee leaves only the one department has to change their password to keep everything safe, and it is less likely that the password will be lost or become available to the rest of the company.
It is up to you to decide what password protection policy is best for your company, but rest assured that until you have something in place you are putting both yourself and your company at risk for data theft. Do not hesitate, begin formulating a plan now to protect your important documents.
Tue, Dec 23, 2008
Word