Tag: security

Whether it’s due to hardware failure or simple obsolescence, most companies find themselves with a stack of laptops or a crate of desktops that simply aren’t seeing use. Whether they’re shoved into a closet at the fringes of the office or sitting in a corner of an IT experts WFH desk, these devices are taking up space.

Eventually, it becomes necessary to dispose of them. But there are two important factors to consider. The first is the environment– there are specific avenues to ensuring safe disposal. The second is security and data protection. Even factory reset machines can still contain bits of sensitive information, accessible by anyone savvy enough to know where to poke around.

If you don’t have a formal policy already, it’s important your company create and distribute one immediately, both for wiping sensitive data and when and how to dispose of the hardware itself.

Cleaning and Wiping Old Computers

When it comes to old computers that are no longer in use but contain sensitive data, simply deleting files or formatting the hard drive is not enough. These methods do not completely erase the data and leave it vulnerable to being recovered by malicious actors. To ensure your data is properly wiped:

1. Use Data Wiping Software: Utilize specialized data wiping software that overwrites the entire hard drive multiple times with random patterns of data. This process ensures that previous data cannot be recovered.
2. Consult IT Professionals: If you’re unsure about the process or dealing with complex systems, consulting IT professionals can provide expertise in securely wiping data without risking accidental data leakage.
3. Remove and Destroy Hard Drives: For extremely sensitive information or when retiring computers, physically removing and destroying the hard drives is a foolproof method. Shredding or degaussing the drives renders them unusable and ensures data cannot be recovered. In some instances, it may make sense to keep and archive the hard drives themselves.

Safely Disposing of Old Computers

Once data has been securely wiped from old computers, the next step is environmentally responsible disposal:

1. Recycling Programs: Many electronics retailers and manufacturers offer recycling programs for old computers and components. These programs ensure that electronic waste is properly disposed of or refurbished for reuse.
2. Certified E-Waste Recyclers: Choose recyclers certified by recognized standards (e.g., R2, e-Stewards) to ensure that recycling practices meet environmental and data security standards.
3. Donate or Sell Responsibly: If your old computers are still functional, consider donating them to schools, nonprofits, or refurbishing programs. Ensure data is wiped before donation or sale to protect sensitive information.

Should You Keep Hard Drives?

Whether to keep hard drives depends on your organization’s policies and legal requirements. In general:

• Data Retention Policies: Follow internal policies and legal requirements for retaining data. If data is no longer needed or if keeping the hard drive poses security risks, it’s best to securely wipe or destroy it.
• Backup and Archival: Consider archiving important data to secure storage solutions or cloud services before disposing of old hard drives.

Office maintenance isn’t just about dusting off desks and organizing files—it’s also about responsibly managing digital assets like old computers. By securely wiping data and responsibly disposing of old computers through recycling or donation, you not only protect sensitive information but also contribute to environmental sustainability.

FileMaker is an incredibly powerful tool for managing relational databases. Of course, the nature of this platform means a variety of sensitive material may be stored on these databases. From employee social security numbers to client’s banking info to company finances, it’s crucial to ensure this data is safe and secure.

Below are some easy-to-implement but powerful best-practices every company using FileMaker should utilize.

1. Implement User Authentication and Access Controls

One of the fundamental principles of database security– and digital security in general– is controlling who has access to your data. FileMaker provides robust user authentication features that allow you to control access at multiple levels. Utilize privilege sets to define different levels of access for various user roles within your organization. Implement strong password policies (including requirements for complexity and regular password changes) to enhance security.

2. Use Two Factor Authentication (2FA)

Two Factor Authentication (2FA) is the wave of the future and now is the time to embrace it. 2FA is the practice of requiring two forms of identification to log in. Typically, this is a standard password plus either an email with a unique code or an authenticator application that generates a one time password (OTP). Google, Azure, Apple ID, and AWS all offer 2FA systems; some businesses choose to utilize a custom authority setup.

3. Encrypt Data at Rest and in Transit

Encryption is essential for protecting your data from unauthorized access, both at rest and in transit. FileMaker supports encryption of data at rest using industry-standard encryption algorithms. Ensure that encryption is enabled for your databases to prevent unauthorized access to sensitive information. Additionally, use SSL/TLS encryption to secure data transmission between FileMaker clients and servers, especially when accessing databases over the internet.

4. Regularly Update FileMaker Software

Keeping your FileMaker software up to date is crucial for staying protected against security vulnerabilities and exploits. FileMaker regularly releases updates and patches to address security issues and improve overall system stability. Make it a priority to install these updates promptly to ensure that your databases are protected against known security threats.

5. Utilize FileMaker Server for Centralized Management and Security

FileMaker Server offers centralized management capabilities that streamline database administration and enhance security. By hosting your databases on FileMaker Server, you can take advantage of features like scheduled backups, automated updates, and enhanced user authentication options. FileMaker Server also provides additional layers of security, such as SSL encryption and external authentication options, to further protect your data.

6. Audit Trail and Logging

Maintaining an audit trail of database activities and logging access attempts is essential for detecting and investigating security incidents. FileMaker allows you to enable logging options to track changes to your databases, including modifications to records and access attempts by users. Regularly review audit logs to identify any suspicious activity and take appropriate action to mitigate potential security risks.

7. Secure FileMaker WebDirect Deployments

If you’re using FileMaker WebDirect to provide web access to your databases, it’s essential to ensure that your deployments are secure. Follow best practices for web server security, such as configuring firewalls, implementing SSL encryption, and regularly updating server software. Limit access to sensitive databases by implementing authentication mechanisms and access controls to prevent unauthorized access.

8. Educate Users on Security Best Practices

Finally, educating users on security best practices is critical for maintaining a secure FileMaker environment. The best security features can be rendered useless by a user carelessly sharing passwords, not following best practices, or even sharing confidential information in a phishing attempt.

Train your users to create strong passwords, recognize phishing attempts, and follow proper data handling procedures. Encourage users to report any suspicious activity or security incidents promptly.

Securing your FileMaker databases requires a combination of robust security features, regular maintenance, and user education. By implementing these best practices and staying informed about the latest security features, you can effectively protect your data from cyber threats and ensure the integrity and confidentiality of your FileMaker databases.

Of course, you can always reach out to Kyo Logic here with questions on security and how to improve. We’d be happy to help you evaluate current systems, identify opportunities, and provide you with the next steps to ensure security and compliance. We can even get a suitable training platform in place for your employees.

Data storage is a critical component of any modern business. Virtually every piece of information from customer invoices to employee resources is stored digitally. While this makes for incredibly convenient access, it also makes this information susceptible to loss. Corruption may render files inaccessible. Employees may accidentally delete or modify critical files. Malware can infect or steal data. Flooding or fires can even destroy the physical server that stores the data.

Backing up data consistently and following best practices can help mitigate the impact these losses can have on business operations. If you’re using Claris FileMaker, there are also a number of features you can utilize to put these practices into action.

Ensure your data is backed up often. For any number of reasons, from power outages, to floods or fires, to human error, data can be lost. It’s important to have this data backed up elsewhere, in the event that your data server is somehow rendered inaccessible.

Data should be backed up at least every 24 hours. This ensures that, even in the event of a catastrophe, teams will still have access to relatively up-to-date information. Depending on the nature of the industry and how often critical pieces of data are updated, some businesses opt to back their data up more often.

Claris FileMaker can automate this process to help protect data and guarantee timely backups.

Backup data off-site. It’s incredibly important that your primary server and backup server are not in the same location. If a catastrophic event impacts the viability of a server in one location, the other server will not be affected.

Encrypt sensitive data. While accidents can certainly happen, it’s also important to encrypt data. Encryption ensures data cannot be changed or stolen, either by malicious third-parties or employees making accidental changes. Encryption acts as a second layer of protection that ensures the safety of your backups.

FileMaker offers encryption features that make this process seamless.

Utilize security measures. Password protect important data or employ a system where only necessary users have relevant access. This helps prevent attacks from third-parties, but also ensures employees won’t accidentally access information they shouldn’t be able to access.

Claris FileMaker includes the ability to password protect information and grant or deny specific users (or groups of users) access.

Account for endpoints. While your database may act as a single source of truth, it’s also possible that employees out in the field are using their personal devices or company-assigned devices to access your platform. In some instances, namely when reception is poor, the data updated on these devices may not reflect in real time. Backing up individual devices can help to create a more robust and accurate backup.

If you’re looking for ways to back up data or want to know more about FileMaker, Kyo Logic is here to help. You can reach out to us here.