FISSEA Security Awareness, Training & Education Contest Entry / CPSC-4581-01 W10 Security Training Submission at govst.edu

1. Data Security
And Preventing Data Loss

2. Backup Files
• Disasters happen unexpectedly and can essentially happen to anyone all around the
world. Backing up all your data is essential to the recovery of that data in the event a
disaster does occur.
• Multiple backups in multiple locations should be a practice every organization or
individual uses to ensure data can be restored in even the worst scenarios.
• Create a plan that allows you to constantly verify the status of backups to prevent
corrupted data. This is an extra precaution that should be taken to ensure that
backups are available for use when needed and contain uncorrupted data when
accessed.

3. Antivirus Software
• Protecting your data from malicious groups
• Some features in antivirus software’s include
intrusion detection systems, Fire-walls, anti-
malware systems, signature-based threat
detection.
• Viruses and malware have many forms which
can steal your sensitive data and expose other
vulnerabilities within your organization.
• Choosing an antivirus that is created to
handle the security requirements and size of
your organization is essential in ensuring
your security against malicious attackers.

4. Protecting Hardware
• Keeping your computer hardware in a clean, dry, and dust free location to ensure the
longevity of the hardware.
• Avoid eating food or drinking beverages near your important hardware to limit the
risk of damaging your hardware. Large organizations should have a standard set-in
place for employee cleanliness when in workspaces to avoid unnecessary damages.
• Protect your sensitive hardware with biometric protection or via CCTV cameras.
• Organizations should consider purchasing computer/hardware insurance because
computer hardware is a substantial capital investment which can lead a business to
failure if destroyed.

5. Strong Passwords/keys
• Every organization and individual should practice an existing password policy or
create their own.
• Passwords are an essential part to controlling access to data and in many cases can
end up being the weakest-link when it comes to data protection.
• Multi-factor authentication should be adopted to all organizations as it adds an extra
layer of security, ensuring that only someone qualified to access such data does.
• Passwords should include special characters, exceed 10 characters(The more
characters the better), and mix both lower and uppercase characters.

6. VPN
• Data Privacy
• A VPN (Virtual private network) allows you to further secure your data by limiting
readable data to authorized individuals only.
• Establishes encrypted connections between your organization's devices.
• Masks your IP address from potential hackers, protecting your identity.
• VPN should be considered by organizations that need to constantly make multiple
connections between different devices and networks.

7. Encryption
• Encryption can improve the integrity
of important data including but not
limited too corporate information.
• Organizations should use encryption
tools that follow AES(Advanced
Encryption Standard).
• Data loss can be prevented by storing
and transmitting data that is
encrypted, rather than normal text.
• Access to important unencrypted data
should be limited to only certain
positions within an organization that
need to access the data.

8. Conclusion
There are many ways an organization/individual can increase the security of
data. It is important that every organization has a plan for the worst-case
scenario, so that operations can continue smoothly and efficiently no matter the
circumstance.
All organizations/individuals should put in the effort to increase their data
security as it will decrease the likelihood of data loss and data theft.