By Katie Wike, contributing writer
Security is expensive, so what options do you choose to get the most bang for your buck? According to Jarret Raim, Head of Strategy and Operations for Managed Security at Rackspace Hosting, the easiest way to protect data is not to store it in the first place.
Not storing data isn’t always realistic though, so Raim explains on CMS Newswire that if you must store sensitive information, “All sensitive data should be protected using the Transport Layer Security 1.2 protocol only. Older versions of TLS or SSL are not sufficient for protecting sensitive data.”
Additionally, keep your information encrypted. “When thinking of deploying encryption services, we generally divide the work into two groups: data at rest and data in transit,” explains Raim.
Raim further recommends securing your environment. This means “ensuring all tools are patched, especially critical third-party software like Java. Firewalls should be locked down to only allow connections from trusted machines and enforce encryption. Hosts should be hardened to leave as little attack surface as possible”, he says.
Finally, security is everyone’s job — every part of your organization needs to be aware of threats and cautious when handling sensitive data. The bottom line is that security is a joint effort, so making sure that everyone is involved and your organization’s technology is at its best is key to protecting sensitive customer data.