Almost all organizations collect and store information about injuries and illnesses, environmental performance, sustainability and risk.
This data contains loads of sensitive information about your employees and your business — and that’s exactly the type of information cyber criminals are after.
Unfortunately, many organizations don’t have the necessary systems in place to keep their EHS data safe.
To help you fix that, here are some steps you can take to secure your EHS data.
10 EHS Data Security Tips
- Stop using spreadsheets
- Move to the cloud
- Backup your data
- Restrict access
- Automatically install updates
- Use strong passwords
- Don’t store passwords on or near your computer
- Use single sign-on
- Lock your smartphone or tablet
- Update your mobile devices
1. Stop using spreadsheets
If you’re like most organizations, you probably use spreadsheets for some or all of your EHS data. But have you stopped to consider what could happen to your information? Spreadsheets can easily get deleted, saved over, or accidentally shared with the wrong people. Not only that, but if you forget or lose a spreadsheet password, you’re out of luck — Microsoft can’t retrieve it for you. Learn more about the dangers of using spreadsheets in EHS here.
2. Move to the cloud
Instead of Excel, think about moving your EHS data to the cloud. Modern cloud services are highly secure, reliable, and affordable. With cloud-based EHS software, you’ll have access to security features like disaster recovery, network security, encryption, and 24/7 support. And since your data is stored in the cloud rather than on a local device, it’s still accessible even if your computer crashes.
3. Backup your data
Speaking of crashes, we’ve all experienced the sinking feeling of losing our vacation photos or a powerpoint for an important meeting when our computer bites the dust. Backing up your data can help protect your information in case it gets lost, stolen, or destroyed. It’s a good idea to create backup copies of your EHS data often, or better yet, use a software system like Perillon that backs up your data for you.
4. Restrict access
The fewer people who have access to sensitive data, the less likelihood information will end up in the wrong hands. Limiting data access to only what’s required for each job function is crucial to preventing a security incident. If you’re using Perillon, you can easily set permissions so that only need-to-know employees can access sensitive data.
5. Automatically install updates
Software updates often include critical patches and fixes for known security vulnerabilities. So if you don’t update your software, you’re putting your EHS data at risk. It’s all too easy to forget to install updates or click ‘ignore’ on those little popups, so you might want to consider turning on automatic updates. Or, if you’re a Perillon customer, your software will be updated automatically during standard maintenance so you never have to think about it.
6. Use strong passwords
Passwords are the first line of defense between your EHS data and criminals who want it. The stronger your password, the more secure your information will be. A strong password is one that is easy for you to remember but difficult for hackers to guess.
7. …and don’t store them on or near your computer
Here’s something we’ve seen in many offices: people storing their passwords on a sticky note on their computer monitor or under their keyboard. Unfortunately, keeping your passwords on a sticky note by your computer is "akin to leaving your keys in your car," says The Ohio State University's Office of the Chief Information Officer.
8. Use single sign-on (SSO)
Of course, keeping track of dozens of passwords for work is a huge pain, so you might want to explore using single sign-on. As the name implies, single sign-on involves using a single ID and password to gain access to several systems (for example, when you use your Google account to log in to LinkedIn or Netflix). Modern EHS software systems like Perillon support SSO that you don’t have to remember an additional ID and password.
9. Lock your smartphone or tablet
Today, many EHS professionals use their mobile devices to access sensitive business data — in addition to their own personal emails, medical records, and even banking information. Yet, a recent Pew Research Center report found that more than a quarter (28%) of smartphone owners don’t use a screen lock or other security features to protect their phone. If you haven’t set up a PIN, password, pattern, or face detection, now is the time to do so.
10. Updates your mobile devices
The same Pew Research report found that 40% of smartphone owners only update when it’s convenient, and 10% never update the apps on their phone at all. Updates aren’t just for your PC — updating your mobile operating system and apps is an important way to keep your data secure, so again, be sure to enable automatic updates on your mobile devices.
To learn more about keeping your EHS data secure, check out these common myths about information security.