The 10 Most Common Data Security Issues and How to Solve Them
18 April, 2008
#8 –Settling For Less Than Real Security
Knowing what enterprise data protection technologies, policies and procedures are “reasonable” relative to peer organisations is useful information, but don't allow others' actions to determine your security plan and goals. Model your policies and processes after the best practices of the most secure organisations in your industry, rather than those used by the common denominator. Strive for excellence.
#9 – Fragmented processes and policies
Despite claims that protecting data assets is strategic to an enterprise, the scope of data protection projects is all too often either regulation or department-specific.
Look at developing an enterprise-wide data protection strategy instead. The goal of the project is not to produce a report, but to build awareness and executive support for the treatment of sensitive data assets with technologies, policies and procedures that match with the regulations, the utilisation and the potential loss if the data assets were to be compromised.
#10 – Retaining sensitive data without balancing risks against rewards
Retaining sensitive data can be very valuable for analytic, marketing and relationship purposes. The rewards can be very high, provided you can properly secure the data and reduce the risks of storing it.
Make sure that your organisation's risk reward ratio is balanced toward reward and the data is being used in a way that brings real benefits to your organisation. And if securely storing data is costing more than its value to your organisation, it's time to refine your data retention policy.
………….
About the author:
Gordon Rapkin is President and CEO of Protegrity with more than 20 years of wide-ranging experience as an executive in the software industry. Prior to joining Protegrity, Gordon held executive positions at Transcentive, Inc., Decisionism Inc. and at Hyperion Software (now Hyperion Solutions, Inc.). Gordon holds a degree in biochemistry from Syracuse University, as well as an MBA and a law degree, both from Emory University.
Protegrity is exhibiting at Infosecurity Europe 2008, Europe’s number one dedicated Information security event. Now in its 13th year, the show continues to provide an unrivalled education programme, new products & services, over 300 exhibitors and 11,700 visitors from every segment of the industry. Held on the 22nd – 24th April 2008 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in Information Security. www.infosec.co.uk
Knowing what enterprise data protection technologies, policies and procedures are “reasonable” relative to peer organisations is useful information, but don't allow others' actions to determine your security plan and goals. Model your policies and processes after the best practices of the most secure organisations in your industry, rather than those used by the common denominator. Strive for excellence.
#9 – Fragmented processes and policies
Despite claims that protecting data assets is strategic to an enterprise, the scope of data protection projects is all too often either regulation or department-specific.
Look at developing an enterprise-wide data protection strategy instead. The goal of the project is not to produce a report, but to build awareness and executive support for the treatment of sensitive data assets with technologies, policies and procedures that match with the regulations, the utilisation and the potential loss if the data assets were to be compromised.
#10 – Retaining sensitive data without balancing risks against rewards
Retaining sensitive data can be very valuable for analytic, marketing and relationship purposes. The rewards can be very high, provided you can properly secure the data and reduce the risks of storing it.
Make sure that your organisation's risk reward ratio is balanced toward reward and the data is being used in a way that brings real benefits to your organisation. And if securely storing data is costing more than its value to your organisation, it's time to refine your data retention policy.
………….
About the author:
Gordon Rapkin is President and CEO of Protegrity with more than 20 years of wide-ranging experience as an executive in the software industry. Prior to joining Protegrity, Gordon held executive positions at Transcentive, Inc., Decisionism Inc. and at Hyperion Software (now Hyperion Solutions, Inc.). Gordon holds a degree in biochemistry from Syracuse University, as well as an MBA and a law degree, both from Emory University.
Protegrity is exhibiting at Infosecurity Europe 2008, Europe’s number one dedicated Information security event. Now in its 13th year, the show continues to provide an unrivalled education programme, new products & services, over 300 exhibitors and 11,700 visitors from every segment of the industry. Held on the 22nd – 24th April 2008 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in Information Security. www.infosec.co.uk
Recommended Articles
blog comments powered by Disqus
