Digitizing your records can be a great boon to productivity and preservation of your data. Once documents are digitized they can be stored, accessed, searched electronically and save thousands of hours of data management.
There are downsides to consider. There are two major risks for digitized data, corruption due to device failure, compromise due to hacking or unauthorized access.
Hacking is both an underground and above board industry. Law enforcement agencies use hacking to gain access to information to track criminals or to expose vulnerabilities. The underground or illegal hacking activities are making the news on a daily basis.
Consider some of the recent news stories:
A small school district in northern Minnesota recently experienced a “ransomware” attack. The system once hacked into is essentially shut down due to injected computer viruses. The “hacker” will release the “antidote” for a fee. In the case of this school district, the hacker wanted $6000.00. The school district, did not pay, but they had to bring in a bunch of IT people and shut their system down for a day. Read more here.
A Eastern University medical center had its network hacked into, forcing doctors and nurses to access information “ the old fashion way” Read more here
A recent news article by NBC news indicates that healthcare record hacking is skyrocketing. While most medical records do not contain credit card info, getting access to medical records can actually be more profitable to a hacker that getting credit card information. Read more here
There are two ways hackers are trying to profit by hacking into records: 1. Stealing important data and selling them on the “dark” market and 2. High jacking a network, making it unusable and demanding a ransom to fix it. If your archived data is accessible by the internet, then your system is vulnerable to hacking. There are a variety of ways you can safeguard against hacking; it would be prudent to obtain the services of some reliable IT professionals to help safeguard your data from hacking.
Whether your data is kept on a hard drive or a passive medium like a DVD or flash drive, there is always a risk of the device failing or becoming corrupted beyond use. Whatever method you choose to store your electronic data, it would be very wise to have one or more backups. Additionally, one should consider a back up medium that is “off site”. Having your backup in the same facility as your primary source makes your business vulnerable to fire, or other catastrophic events.
There are a number of businesses that will provide offsite backup and archiving of your data. There are services that will physically store the device, as well as services that will upload your data to their servers. If you chose a company that will backup your data online, then you need to understand what measures are taken to prevent hacking. Many experts believe that if your data is stored on the cloud, then it is susceptible to hacking.
There is a third risk; that is the risk from people having the ability to access your data. Many major data theft incidences involved “inside” help, usually an employee. If you’re internal security procedures (or lack of procedures) allow unmonitored access and use of your company data, then you are at risk. Even once reliable, trusted employees can become disgruntled and steal or corrupt information for their own profit or simply revenge. Limiting access and having a good monitoring system can go a long way to prevent problems from your employees. When an employee leaves the company, all log in rights need to be removed and any access to your current data needs to be revoked.
Here is a quick list of things you can do to reduce your risk of corrupted or stolen data:
- Don’t store or archive documents on the same network or server as your email
- Make sure that you have the latest malware and virus protection installed on your computer and keep it to the latest revisions.
- Have your system audited by a reliable IT professional for vulnerabilities
- Make sure you have good passwords and change them quarterly. A good password should have a combination of capital and small letters, number and symbols.
- Be wary of anyone who calls you asking access to your system, regardless of who they claim to be.
- Make sure you limit employee access to your systems and that you have a rigorous monitoring system
- Have a reliable, secure and regular offsite back up done.
- Limit the time your system is on or connected to the internet to only time you need it. Don’t leave your system or computer on and online at all times.