Another one of my features for tech magazine Computerscope has been posted online, so if you’re into that kind of thing, go check it out . . .
There is no shortage of horror stories detailing what happens when large companies drop the ball and suffer a data protection scandal. From lost laptops to mislaid memory sticks, a data protection failure can cause public embarrassment and threaten financial ruin at a time when market conditions mean many companies are particularly ill equipped to suffer a further blow to their business.
At the same time, many companies are exposed to increased data risks as a result of staff and budgetary reductions in the IT department. In particular, IT staff, perceived as non-essential, have been let go from many firms, leaving fewer people to deal with even more work. Under such conditions, data protection can easily seem like less of a priority. However, with best practice and the latest tools, your organisation can protect itself both from the regulator and the bad guys. The challenge for many companies is knowing where to start.
Who, what and how
“The first thing to know is what data you need to have handled, and who needs to handle it,” said Chris Mayers, chief security architect at Citrix. “What data is really valuable to you – is it your customer lists? Is it intellectual property? Knowing what your assets are is a key starting point, and this will be different for each company, depending on the industry they are in and the kind of firm they are.”
According to Mayers, once companies have identified the data that is crucial to them, they then need to know who needs to have that information, and where they need to be able to access it from. “For example, is it the kind of information they need to have out on the road, or do they only need it if they’re in the office,” he said.