Save content
Have you found this content useful? Use the button above to save it to your profile.

Information security. How safe is your information?

22nd Feb 2016
Save content
Have you found this content useful? Use the button above to save it to your profile.

Irrespective of the business size, type and location all businesses will hold confidential client information either in the form of a customer database on PC's,/Laptops, mobile devices or in the cloud.

Have you noticed how many document security breaches appear to be in the news these days?

We can no longer be dismissive of the data we hold within our businesses and more and more companies are looking at ways they can improve their document security policies.

From confidential interviewee information being carelessly discarded in an office bin to an employee leaving details regarding a customer they deliver services to on the seat of a train.

At some point you may have left car keys, house keys, wallet, mobile phone, shopping or important files somewhere or other. Such lapses in concentration can be distressing, costly, embarrassing and worse still, dangerous.

Millions of files are transmitted daily to various third party providers such as payroll and billing files containing names and addresses, data cleansing services, marketing services and social media often without any real thought as to what might happen if the data was misappropriated.

But, we are, only human and therefore susceptible to human error.

The Data Protection Act of 1998 and it's update of 2007, was designed to ensure that information held by any party or organisation should be done so by following principle 7 that "appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data".

In practice this means the data a business holds must have the appropriate level of security to prevent it being lost or compromised.

What the act doesn't specify is the security measures you should have in place. Certain industries will have specific standards imposed on them by their regulatory body.

The security measures you put in place as a business will depend on the what your company does.

Physical and technological security should be commonplace in any business along with information and document management policies so employees are well versed on how they manage documents both paper and electronic.

Depending on the size of the organisation, it is good practice to have a person or department who takes day day to day responsibility for security measures.

Technical security of laptops and PCs to protect computerised information are important but often security issues are as a result of the theft or loss of a laptop or mobile device; or old PCs being disposed of without the hard drives being destroyed.

The physical aspect of principle 7 relates to how secure your office premises are such as doors, locks, alarms, CCTV, security lighting and how you control access to your premises.

How do you know if your information is secure?

The act says you should have security that is:-

  • Appropriate to the nature of information in question
  • The harm that might result from it's improper use, or from its accidental loss or destruction

The act doesn't define 'appropriate' nor does it state you must have the latest state of the art security to protect personal data. But common sense should prevail and a regular over view of your security arrangements as technology advances is a good thing to put in place.

Businesses talk to their customers daily often holding vast amounts of information in a customer relationship database that probably contains where they live, birthdays, spouse details, childrens' names, where they went on holiday and their hobbies. 

This is still personal information that a business is holding in relation to another individual/company.

What would happen if this information was compromised?

If you shiver at the prospect of that happening then you need to ask yourself has the organisation taken the appropriate steps to protect and secure information both electronically and paper based.

What steps can you take to ensure that you have the best information/document security in place? 

  • Implement an information and document management security policy and make sure all employees know what is required of them when it comes to document management
  • Data encryption should be used when it is on the move and at rest
  • Firewalls in place, DMZ, all USB and removable ports disabled
  • User access controls
  • Password management
  • Personal email and messenger applications blocked for employees
  • Clear desk policy 
  • Internet and email usage policies
  • Disaster recovery if relevant to the business 
  • Implement a print management solution with secure print tracking software so documents are held on a secure print server requiring authentication. Printed documents remain secure and confidential.
Tags:

You might also be interested in

Replies (15)

Please login or register to join the discussion.

avatar
By Lipozene66
11th May 2016 19:39

Greate post. Keep posting such kind of info on your page.Im really impressed by your blog.
Lipozene

Thanks (0)
avatar
By Lipozene66
14th May 2016 14:06

Thanks on your marvelous posting! I quite enjoyed reading it, you can be a great author.I will be sure to bookmark your blog and will often come . Forskolin

Thanks (0)
avatar
By Lipozene66
24th Jul 2016 14:16

Simply want to say your article is as surprising. The clarity on your put up is simply cool and i could suppose you're an expert in this subject. Manila Administration Jobs

Thanks (0)
avatar
By Lipozene66
28th Jul 2016 07:24

Thanks on your marvelous posting! I quite enjoyed reading it, you can be a great author.I will be sure to bookmark your blog and will often come . Manila Philippines PHP Jobs

Thanks (0)
avatar
By Lipozene66
04th Aug 2016 18:55

Its like you read my mind! You seem to know so much about this, like you wrote the book in it or something Quezon City Call Center Jobs

Thanks (0)
avatar
By mrsdirAY55
04th Sep 2016 06:15
Thanks (0)
avatar
By mrsdirAY55
07th Sep 2016 09:52
Thanks (0)
avatar
By mrsdirAY55
03rd Oct 2016 19:51

Best App To download Tutu Helper
Tutuapp
Nox App

Thanks (0)
avatar
By Lipozene66
24th Nov 2016 15:39

Another great post, I appreciate all the work you put into this site, helping out others with your fun and creative works. forskolin Weight loss

Thanks (0)
avatar
By mrsdirAY55
02nd Feb 2017 10:03
Thanks (0)
avatar
By Braydenjsmit
02nd Apr 2018 09:20

nice post thank you for sharing .
zetaclear
lifecell

Thanks (0)
avatar
By Braydenjsmit
02nd Apr 2018 09:23

good post Thanks on your marvelous posting- perlelux cream

Thanks (0)