Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Digital security: Don’t leave the key under the mat

Digital security: Don’t leave the key under the mat

There’s no magic bullet when it comes to protecting your data, it’s about finding the right balance between security and convenience. You should view security more as a risk to be managed than a problem to be solved.

It would be really convenient to leave your house keys in the front door so they’re always there when you need them, but the security risk is just too great. At the other end of the spectrum, it would be safer to lock your house keys in a vault at night rather than leaving them on the kitchen bench, but that’s just too much of an inconvenience.

Apart from the hassle, vaults are expensive and locking away your house keys obviously doesn’t guarantee you’ll never be burgled.

You obviously need to choose the right level of security for your home to address the likelihood and potential consequences of uninvited guests. The same goes for your precious data.

The risk scenarios involving your family photos are very different to those involving your business records. If you’re dealing with sensitive customer data, particularly financial details, then this adds a new layer of risks and consequences.

If you operate in the financial sector there are clear rules about handling data with which you should be familiar. The Australian Prudential Regulation Authority (APRA) is a good place to start.

Of course you don’t need to be a bank to require data security and every business would have some documents that it wouldn’t want to fall into the wrong hands. Your industry association is usually a good source of information for data security advice relevant to your circumstances.

Government resources such as and can also make a good starting point.

It’s easy to make kneejerk security decisions, especially if you’ve experienced a security incident, but the key to managing security as with any IT project is to start by assessing your requirements.

If your house was burgled tonight you wouldn’t rush out tomorrow and put bars on all the windows, especially if the thieves broke down the back door rather than smashing a window.

That might sound like commonsense, but it’s exactly the kind of expensive and ineffective digital security mistake you can make if you rush into a security overhaul.

You need to play devil’s advocate as part of a risk assessment. What are the greatest digital security threats to your organisation? Where are you most vulnerable? Where are the single points of failure, the easiest ways to cripple the business?

Once you’ve identified and assessed the threats, both large and small, you need to weigh up the risks. What’s the likelihood of these vulnerabilities being exploited? What are the potential consequences? Are you focusing all your efforts on firewalls and antivirus, but leaving the office back door unlocked and passwords written on post-it notes for any late-night intruder to find?

This security conversation should involve key staff members and the providers/maintainers of your IT systems, which may well be outsiders if you’re a small business. You need good answers to all these questions before you decide on a solution or implement anything.

The best solutions tend to involve layers of security and once you understand the risks you’ll be able to evaluate how much time, effort and money you should allocate to addressing them. You also need to regularly reassess your risks and countermeasures.

Keep in mind that digital security is only one area of risk and it’s important to do a full business risk analysis to weigh up all the potential threats to your business. When considering the risk scenarios for your data, you need to think about local, mobile and online threats.

If you’ve spread sensitive data across multiple computers, network drives and removable storage then the process of managing and securing that data becomes far more complicated. If some of those devices regularly walk out the front door then you’ve got a new range of security concerns to address, catering for damage, loss and theft.

You might backup your data to protect against loss, but once you’re storing backup copies elsewhere then your security concerns multiply.

Offering appropriate staff secure access to a central point might be a more manageable way to work with sensitive data than spreading it around the organisation. If that data is online then you need to consider who requires access to it and whether you need to implement extra security precautions such as two-factor login authentication.

You’ll also want to think about data encryption and who will manage those encryption keys. Some business-grade online storage services let you specify your own encryption key, so even they can’t read your data. The trade-off is that if you lose that encryption key then your data is lost forever.

You’ll also need to keep a secure offline backup of your sensitive online data in case the cloud lets you down.

There’s no one-size-fits-all digital security system and making bad choices can actually make things worse by giving you a false sense of security. Rather than jumping at shadows, start by shining a little light on the situation and assessing the biggest risks to your business.


About Author

David Hancock

David Hancock is the founder and managing director of Geeks2U, a national on-site computer repair and support company.

Recent News

Popular social media destination Facebook made worldwide headlines recently, and not for the kinds of reasons that Facebook might want to be noticed. That’s because for a roughly 12 hour period, access not just to Facebook, but also Instagram and Whatsapp — all services owned and operated by Facebook — consumers worldwide had issues connecting… More 

There’s a well-known test that taxi drivers in London have to sit, called “The Knowledge”, that can take years to pass, detailing just about every street in the UK’s very disorganised capital road system. It’s tough learning that many roads, although it may have side benefits, with some studies suggesting that London black cab drivers… More 

Not that long ago, Apple surprised everyone by updating its line of Mac Mini computers. The Mac Mini isn’t like any other Mac that Apple sells. Where much of its output is in laptops, or the 2-in-1 style iMac computers, the Mac Mini is instead a “headless” computer — a fancy way of saying that… More 

There’s been a lot of speculation around foldable phones in the past 12 months, fuelled by the hype from the manufacturers busy producing devices that can fold from phone to tablet and back again — or even crazier concepts, like phones that become slap bands when you place them around your wrist. That latter idea… More