Get All Access for $5/mo

7 Simple Business Security Tips From Her Majesty's Secret Service What can businesses on both sides of the Atlantic learn from how British spymasters keep data safe?

By Luke Walling Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

United Artist | Getty Images

The British Secret Service isn't quite so secret any more.

Spymasters in London are publishing regular advice about how to bolster security defenses against hackers and insider data breaches.

Recently, the Queen opened a new National Cyber Security Center in London, run by the Government Communications Headquarters (GCHQ).

Against the backdrop of international allegations of cyber-hacking and cyber-meddling in recent elections, the new center will oversee British efforts to prevent hackers from disrupting the national infrastructure, from hospitals to the electricity grid.

The GCHQ also gives businesses security advice ranging from tips on password policies to ways to ensure mobile workers don't compromise security while on the move. Here are (double-"O") seven lessons businesses on both sides of the Atlantic can learn from Her Majesty's Secret Service:

1. "Least privilege" protocol

Ensure that employees have only the system access they need to do their jobs -- don't open up access to sensitive systems for employees at all grades.

Related: Is My Data Really Safe? Your Questions About Cloud-Based Storage, Answered.

2. Control removable media

An external device plugged into a network is a main route for malware to disrupt systems. Limit the use of external devices like USB memory sticks, particularly those brought in from home by employees.

3. Secure the doors

Ensure that old systems, network devices and sites are removed and decommissioned. Don't allow hackers to access your network through a forgotten entry point.

Related: Cyber Security a Growing Issue for Small Business

4. Start-to-finish process

Have a clear process in place for deciding what network privileges and devices new employees can use, what happens when they change roles, and what happens when they leave. Revoke access and recover company devices and data as soon as workers depart. Note that this can be complex if they've used personal devices in the workplace.

5. Define "tolerable risk."

What risk is your organization willing to take to get the job done? Can you allow your staff to use their own devices or take data files and documents home? It might help productivity, but you need to understand all the risks involved: devices getting lost, stolen, hacked or contaminated with malware.

Related: The Risks of Business Travel in a Wired World (Infographic)

6. Train.

If your staff doesn't know the risks and legal requirements around data security, you're inviting vulnerabilities. Explain the issues and train best practices.

7. Observe and report.

Encourage staff to be vigilant and report suspicious activity such as suspicious emails or unexpected changes to the systems they use.

The truth is that much of the threat around data security starts inside a business rather than outside, with malicious, accidental or ill-considered actions by employees allowing confidential information to be compromised.

The best defense is deploying data loss prevention (DLP) technology, which prevents unauthorized saving, copying, printing or emailing of sensitive files, to prevent accidental or criminal actions by insiders.

So, how does your organization stack up against these seven simple tips? Do you follow the basic advice of Her Majesty's Secret Service?

Luke Walling

General Manager of Safetica North America

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Science & Technology

5 Automation Strategies Every Small Business Should Follow

It's time we make IT automation work for us: streamline processes, boost efficiency and drive growth with the right tools and strategy.

Business News

Former Steve Jobs Intern Says This Is How He Would Have Approached AI

The former intern is now the CEO of AI and data company DataStax.

Leadership

Visionaries or Vague Promises? Why Companies Fail Without Leaders Who See Beyond the Bottom Line

Visionary leaders turn bold ideas into lasting impact by building resilience, clarity and future-ready teams.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Business Process

How CEOs Can Take Control of Their Emails and Achieve Inbox Zero

Although there are many methodologies that leaders can use to manage their emails effectively, a consistent and thought-through process is the most effective way to systemize and respond to emails and is a step of stewardship for the effective leader.