It's 3 AM - Do You
Know Where Your Data Is?
By Peter DeHaan
It doesn't matter
what type of company you run, your operation has amassed a great
deal of valuable data. You have a
treasure trove of customer information, including phone numbers,
mailing addresses, email addresses, billing histories, demographic
profiles, social security numbers, bank account numbers, and credit
card numbers. Some of this data was purchased, while
you garnered the rest over time, using meticulous recording keeping.
Even the smallest
of businesses possess an extraordinary amount of priceless
information, while larger organizations store millions of data
points -- all nicely organized, painstakingly verified, carefully
stored, and dutifully backed up.
You have all that
information, but what are you doing with it? No, I'm not talking
about harnessing it to produce a competitive advantage or turning it
into a core distinctive (think of how Google is astutely exploiting
the vast minutia of data they have accumulated). I'm sure you know
you must do these things and are diligently working on them. What I
am referring to is protecting your immense information stash from
the nefarious reach of notorious hackers, cyberspace's criminal
elite -- hard to catch and harder still to prosecute.
With the theft of
personal information steadily increasing -- due to an insatiable
demand and relatively low risk -- there is a greater likelihood that
your business could soon be a victim. Data security, which is
best left for the security experts, will not be detailed in this
short article, but you are being implored to steadfastly protect
one of your organization's most valuable assets.
First, you need
someone with the requisite knowledge and experience to be in charge
of securing your computers, network, intranet, and Internet access
points. Next, you need to give them the resources needed to do the
job. I'm not suggesting that you provide an unlimited budget or
give them a blank check, but when they say it will cost X dollars to
do the job, don't provide half that amount and expect optimum
results. If you cut the funds, some items will remain insecure or
be only partially secured. That would be akin to locking the doors
of your office, but leaving the windows open -- or installing a
building security system, but never connecting it to the monitoring
station. Don't handcuff the crime stoppers.
Next, realize that
many security breaches are inside jobs. Yes, I know you carefully
screen new hires and trust your staff not to steal from you -- I'd
be disappointed if you didn't hold your staff in high esteem.
However, the reality is that, many cases of data theft involve a
complicit insider. To address the people side of the equation, you
need your human resources department involved, along with IT and
your security officer. Together they can put safeguards in place
that will restrict access, limit the scope of information available,
and provide an electronic log of activity.
Your data -- and
your company's future -- is on the line. Make sure it's a secure
one.
Read other articles and learn more about
Peter DeHaan.
[Permission is granted to
reprint or reuse this article, provided credit is given to the author and the
above contact information is included. Notify Reuse@PeterDeHaan.com
and a provide copy or link.]
|
