Getting To Grips With Data Security

Information security is no longer solely an issue for the geeky IT department. With well over half* of data leakages caused by staff, the issue has to be addressed by all employers who give two hoots about the confidentiality of their data and their reputation.

Following the recent number of high profile data losses, we’ve seen information assurance moved up the agenda from IT department to boardroom by those organisations which understand that information has become one of the modern currencies of society.

The ability of disillusioned employees, ex-employees or groups of activists to damage an organisation by taking, deleting, altering or otherwise misappropriating the critical business information of the employer and either passing it to a competitor, or simply using it for their own ill-gotten gains, is now a very real issue.

When the office was the only place we kept business information, life was straightforward - to secure information we emptied our Recycle Bin, did a bit of shredding, closed and locked the office door. Today we expect and need to have information in a wide variety of locations and with this increasing mobility we now have a critical need for improved security if we are not to allow others to gain access to our information inappropriately.

Today, therefore it is critical for any information assurance system to be grounded firmly in the business world and this means that it is not an issue only for the IT manager or the security officer but for the whole company. Any person employed to control your organisation’s IT infrastructure really needs to read up on information security principles, information risk, information security framework, and information security controls. Only then can your company feel safe when its PCs are powered down and its doors locked at the end of the working day.

* Source: Lots