#8 –Settling For Less Than Real Security
Knowing what enterprise data protection technologies, policies and procedures are “reasonable” relative to peer organisations is useful information, but don't allow others' actions to determine your security plan and goals. Model your policies and processes after the best practices of the most secure organisations in your industry, rather than those used by the common denominator. Strive for excellence.
#9 – Fragmented processes and policies
Despite claims that protecting data assets is strategic to an enterprise, the scope of data protection projects is all too often either regulation or department-specific.
Look at developing an enterprise-wide data protection strategy instead. The goal of the project is not to produce a report, but to build awareness and executive support for the treatment of sensitive data assets with technologies, policies and procedures that match with the regulations, the utilisation and the potential loss if the data assets were to be compromised.
#10 – Retaining sensitive data without balancing risks against rewards
Retaining sensitive data can be very valuable for analytic, marketing and relationship purposes. The rewards can be very high, provided you can properly secure the data and reduce the risks of storing it.
Make sure that your organisation's risk reward ratio is balanced toward reward and the data is being used in a way that brings real benefits to your organisation. And if securely storing data is costing more than its value to your organisation, it's time to refine your data retention policy.
………….
About the author:
Gordon Rapkin is President and CEO of Protegrity with more than 20 years of wide-ranging experience as an executive in the software industry. Prior to joining Protegrity, Gordon held executive positions at Transcentive, Inc., Decisionism Inc. and at Hyperion Software (now Hyperion Solutions, Inc.). Gordon holds a degree in biochemistry from Syracuse University, as well as an MBA and a law degree, both from Emory University.
Protegrity is exhibiting at Infosecurity Europe 2008, Europe’s number one dedicated Information security event. Now in its 13th year, the show continues to provide an unrivalled education programme, new products & services, over 300 exhibitors and 11,700 visitors from every segment of the industry. Held on the 22nd – 24th April 2008 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in Information Security. www.infosec.co.uk Tags: Business Continuity, Compliance, Data Management, Information Life Cycle, Information/Data handling
Knowing what enterprise data protection technologies, policies and procedures are “reasonable” relative to peer organisations is useful information, but don't allow others' actions to determine your security plan and goals. Model your policies and processes after the best practices of the most secure organisations in your industry, rather than those used by the common denominator. Strive for excellence.
#9 – Fragmented processes and policies
Despite claims that protecting data assets is strategic to an enterprise, the scope of data protection projects is all too often either regulation or department-specific.
Look at developing an enterprise-wide data protection strategy instead. The goal of the project is not to produce a report, but to build awareness and executive support for the treatment of sensitive data assets with technologies, policies and procedures that match with the regulations, the utilisation and the potential loss if the data assets were to be compromised.
Article continues after advert
Retaining sensitive data can be very valuable for analytic, marketing and relationship purposes. The rewards can be very high, provided you can properly secure the data and reduce the risks of storing it.
Make sure that your organisation's risk reward ratio is balanced toward reward and the data is being used in a way that brings real benefits to your organisation. And if securely storing data is costing more than its value to your organisation, it's time to refine your data retention policy.
………….
About the author:
Gordon Rapkin is President and CEO of Protegrity with more than 20 years of wide-ranging experience as an executive in the software industry. Prior to joining Protegrity, Gordon held executive positions at Transcentive, Inc., Decisionism Inc. and at Hyperion Software (now Hyperion Solutions, Inc.). Gordon holds a degree in biochemistry from Syracuse University, as well as an MBA and a law degree, both from Emory University.
Protegrity is exhibiting at Infosecurity Europe 2008, Europe’s number one dedicated Information security event. Now in its 13th year, the show continues to provide an unrivalled education programme, new products & services, over 300 exhibitors and 11,700 visitors from every segment of the industry. Held on the 22nd – 24th April 2008 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in Information Security. www.infosec.co.uk Tags: Business Continuity, Compliance, Data Management, Information Life Cycle, Information/Data handling
Add Your Comment
Follow on Twitter
More Articles
News
Hot Topics
Office Web
Office web is the latest addition to Microsoft's Office business suite and is set to be the company's most revolutionary version.
Office 2010
Microsoft's 14th version of its award winning, multi-billion dollar cash cow business suite, is the company's most ambitious to date.
Spotify
Spotify is certainly one of the most popular online music websites in the world which is a feat for a service that was officially launched only in February 2009
ITProPortal.com - Sponsored Section
Featured Content
- The New Voice of the CIO. 158 CIOs in midsized businesses across 31 countries reveal their insights and vision for enhancing
competitiveness over the next five years.
Download Document
Customer Case Studies
- How a wine wholesaler improved the flow of information
Download full case study
- The server that made an entire university smarter
Download full case study
Videos
Latest Tweets
Comments