Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Four steps to becoming an information good shepherd

Lee Meyrick, Director of Information Management at Nuix | Dec. 8, 2014
Lee Meyrick of Nuix outlines four governance rules for minimising the potential for -- and damage suffered from -- data breaches.

2.  Herd valuable data
Data herding

Many organisations have intellectual property and company records stored inappropriately in file shares or email attachments. Records managers and end users alike struggle to find the time to ensure records are always filed correctly. Information governance technology can locate these records 'in the wild' and move them to controlled repositories with appropriate security, access controls and retention rules. This makes it much harder for anyone to gain unauthorised access, and makes them easier to gain use or value from.

3. Enforce data security
Data security

Increasingly strict regulations around data privacy and financial information make it imperative to hold personal, financial and health details of your employees and customers in the strictest confidence. But even when organisations set up controlled repositories for this information, it regularly escapes, whether through poor policies or employees not following the rules. By conducting regular sweeps of email, file shares and other unprotected systems, organisations can quickly locate and remediate unprotected private data. High-risk data should then be protected with appropriate encryption and access controls.

4. Maintain appropriate access controls
Access Control

Organisations should apply policies to ensure the only staff members who have access to important data are those who need it to do their jobs. It is also essential to regularly audit access controls on important systems and employees' security profiles to ensure the policy theory matches reality.

A change of mind-set
Through these efforts organisations can minimise the opportunities for malicious or accidental breaches of important information. If you know where your data is, you can respond efficiently to breaches by first targeting the high-risk storage locations. This in turn means you can close information security gaps quickly before they can be exploited again.


[i] Ponemon Institute, 2013 Fourth Annual Cost of Cyber Crime Study: Global, October 2013, www.hpenterprisesecurity.com/ponemon-2013-cost-of-cyber-crime-study-reports This survey of 234 organisations in six countries found the mean annual cost for cybercrime incidents was $7.2 million per organisation, with the average attack taking 27 days to resolve.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.