I meet with many Tour Operators struggling with data security. This list is compiled from observations and discussion with Tour Operators who are successfully managing their data security by preparing for potential disaster.
Let’s assume you understand the very basics of data security first. You should have unique and not obvious passwords (not 12345 or ‘password’), have your firewall on, you don’t click on dodgy download links and your antivirus software is up to date.
If you don’t know what I’m talking about above then step away from the computer. Quickly. These fundamental security measures were recently covered off in my 7-year-olds’ starting with computers lesson’ so let’s consider these security measures a given.
Here are my top tips to help Tour Operators take your data security to the next level.
1 Take Data Security Seriously
Taking data security seriously is the simplest of changes you can make. By considering the implications of a security breach you can assess how important security is to you, what data is important and where your vulnerabilities lie.
2 Conduct a Security Audit
Sounds boring eh. Just taking security seriously won’t help on its own. You need to back up the change of intent with easy to follow security policies and processes Deciding to take data security seriously is the easy part. Implementing improvements will take a bit of work however and the best place to start is a security audit. You may be faced with truths you don’t want to be faced with however so be prepared to make changes.
3 Make Staff Aware of the Important Role they Play
Then ensure your staff is trained on data security best practices in accordance with your policies. A simple mistake or a policy ignored can have drastic, far-reaching consequences. So once your tour business has set a policy, train your staff, set high standards and ensure you have the team buy-in. You will also need to follow the new security procedures. The weakest link is usually an owner operator not following best practice.
4 Keep Physical Information Secure
IT security is one thing but we still have a huge amount of physical data that needs to be secured and not just from theft. Think natural disaster or fire. What happens if your building goes up in smoke destroying years of important data? You need this data secured in a suitable environment or copied and stored digitally with cloud access. There will be a cost to this but what is the cost of losing the data?
5 Keep Physical Hardware Locked Down
Laptops and mobile devices are the new PC. Mobile devices ensure we can work in more places with less downtime making them far more productive. A downside of this increased mobility is the increased likelihood of a laptop becoming broken, stolen or lost. Ensuring tip number 6 is followed ensures you can be up and running again in no time and ensuring basic password security is followed ensures your data is protected from theft.
You don’t want to physically lock down mobile devices so the key to protecting your data from loss of hardware is about vigilance and following the best practices laid out in your security policy, particularly around login and password security. Do not store your passwords in your browser for example. I know it makes it easier for you to login to Facebook but it also allows computer thieves to access your passwords!
6 BackUp. BackUp. BackUp.
In a way this is a basic data security measure however I include it here because how and when you backup can be complicated and is normally determined by the importance of the data to be backed up. I have seen Tour Operator with a system based on pen and paper original quotes and backing up involved photocopying everything and storing multiple locations. In the modern business environment this is crazy. However more crazy is only having 1 version of your companies database that isnt backed up regularly.
For clients using an offline database we recommended backing up TourWriter daily and storing this backup in an online folder. Our online hosted clients data is continuously backed up every 15 seconds. You may not think you require this level of security however many businesses consider this a minimum standard.
Bottom line, you need to determine how much data you are happy to lose then and back up accordingly.
7 Don’t Delay Data Security
The unexpected happens when… well we don’t know, it’s unexpected. Putting off investing in improving your data security could save you money in the short term. There are many examples of businesses destroyed due to the destruction of important data.
Do you want to risk it?