Focus on what counts

Protecting Your Data

July 2, 2018

Ellen Rosenbaum

view all archive

Protecting your data from both loss and exposure has become increasingly important in today’s business environment. Data breaches, natural disasters, and simple human error can all lead to unexpected and costly disruptions to your business activities.


If you’ve ever lost hours of work because you created a document, lost power, and realized you haven’t pressed the save button…. you’ve experienced one of the common forms of data loss. Unfortunately, this is just one of the many ways in which individuals and businesses can lose data.
Data loss can happen as a result of any of the following:

  • Software Failure (data corruption)
  • Hardware Failure or Damage (total loss)
  • Inadvertent Deletion (human error)
  • Malware/Virus Infections
  • Malicious Data Deletion, Theft, or Alteration (hacking or inappropriate access to data systems)

The single most important thing you can do to prevent data loss is to regularly back it up. Since data can be lost in many different ways, it’s useful to think about the nature of the data, where it is stored, how it is accessed, and the ways in which it is used to guide your decisions regarding the types and frequency of performing a backup.

If your computer is in a small office, or a home office, you may be storing most of your data directly on the computer. Is the computer in a safe place, protected from physical access or damage? Are you backing up your data either locally, in the cloud, or both? If backing up locally, what kind of hardware are you using to back it up to and how old is it? How frequently do you test the viability of the backups? (Can the backed up files be opened and read if and when you need them?)

Email represents a set of data that requires different attention when it comes to backup planning. If you are using a cloud-based service like Office 365, you may assume that you are well protected from data loss, since the email on your computer is only a copy of what is maintained in the cloud. It is advisable, however, to familiarize yourself with mailbox size limits, length of time a deleted email may be retrieved, and how accessible the backup of your individual mailbox is. Hosted email providers all have their own sets of policies and procedures.

Many users choose to archive older mail to “PST” files in order to keep the size of the active mailbox smaller. However, using this form of archiving for backup can make the user more vulnerable to data loss because these files can easily become corrupt over time. If you use this form of mail archiving, maintaining a master set of the files that remains unchanged, and permanently backed up, provides another level of protection.

If you use a workstation in an office, chances are that the majority of your data is stored either on your network server(s) or in the cloud. In this instance, backups should be addressed by your network administrator or outsourced IT firm and the frequency and location of backups, plan for disaster recovery, and data retention periods should be documented. Make it a point to review with your network administrator “what if” scenarios, so that you can familiarize yourself with the options you have, if and when data loss occurs.


Keeping your data private and protected from unauthorized access is a major concern. Depending upon the profession you are in, there may be serious financial, ethical, reputational, and legal risks if your confidential data gets into the hands of others. Being diligent about password-protecting your accounts and making sure to log out or lock access to your computer when away from your desk are essential first steps in protecting yourself. But there are many other measures you can use to protect your data from unauthorized access. Do you have an effective and password protected firewall in place for your wired and wireless networks as well as up-to-date anti-virus software installed? Are you regularly applying operating system updates? When moving your data (i.e., sending emails, uploading via portals) are precautions such as data encryption and password protection being employed? When discarding equipment (including printers), do you take appropriate steps to destroy data on hard drives and other media?


Data only remains valuable if its accuracy and consistency are maintained over time. Are there appropriate internal network security measures in place to restrict data modification to only those requiring it? Are you using current and supported hardware and software that will enable you to store and process your data accurately? Do you utilize maintenance warranties to ensure needed vendor assistance if problems arise? Do you employ quality control procedures and establish change control policies so that database and other system users are consistent in their methods for capturing and modifying data? 


Although we cannot entirely prevent data loss, disclosure, or tampering, greater awareness and concerted application of preventive actions can significantly reduce your risk of loss.

Planning ahead and putting measures into place is critical to protecting your data and should be revisited and revised as necessary to reflect changes over time and to take advantage of improvements available to establish an increasing degree of protection.


Ellen Rosenbaum is a principal at Citrin Cooperman. She has over 30 years of experience in the information technology field and can be reached at 914.693.7000 and Citrin Cooperman is a full-service accounting and consulting firm with 10 locations on the East Coast.