Data security a big talking point at NAPBS Mid-Year Conference

  • 4/11/2016
  • Kevin Rosenquist
Data security a big talking point at NAPBS Mid-Year Conference image

We recently got back from the annual Mid-Year Legislative and Regulatory Conference put on by the National Association of Professional Background Screeners. It was another great year of valuable information, informative speakers, and even a little fun. It was my first time in DC and I can’t stop talking about how much I enjoyed that city. Some of you have already heard from me about it and are probably sick of listening to me. But it really is great!

One of the things that was stressed strongly this year was data security. So I thought I would put a few of the stronger points together to get you all thinking about how you handle your own sensitive data, as it relates to your background check procedures as well as other parts of your business. Some are obvious, others perhaps not so much. But they are all great things to keep in mind.

1. Control access to data. The only people who should have access to sensitive data are those that need it. Don’t give people access to anything more than what they need to do their job.
2. Minimize admin access. This goes along with number one but not everyone needs to be an administrator.  Only give those who need it admin privileges. And make sure that whoever does have admin privileges never accesses his or her account unless they are on your secure network and always logs off when they leave their computer.
3. Secure passwords and authentication. I know we’re all tired of having to come up with ten different passwords that each have upper case and lower case letters, a number, a special character, nonconsecutive letters, fingerprints, retinal scans, and so on. But having a complex password that is difficult to guess increases security by a lot. And changing them every 30 days is even better.
4. Have your IT department archive network traffic and keep incident logs. It’s always good to monitor and keep incoming and outgoing network traffic as well as log any error messages your network gives.
5. Be wary of public Wi-Fi networks. I know I’ve asked a barista, bartender, or store employee for their Wi-Fi password more than once. Our phones run a lot faster with them. One speaker at the conference said he never connects to public networks period. But if you do be sure you are not accessing sites or databases that contain your sensitive information.
6. Have a security policy. List out the role(s) that should be given admin access and have a plan in place in case of a data breach. You don’t want to be running around the office screaming if something were to happen.
Little things can go a long way in protecting your data, both your business data and personal data. Staying on top of your security procedures can significantly lower your risk. Hope this helps some of you.