Information security. How safe is your information?
Irrespective of the business size, type and location all businesses will hold confidential client information either in the form of a customer database on PC's,/Laptops, mobile devices or in the cloud.
Have you noticed how many document security breaches appear to be in the news these days?
We can no longer be dismissive of the data we hold within our businesses and more and more companies are looking at ways they can improve their document security policies.
From confidential interviewee information being carelessly discarded in an office bin to an employee leaving details regarding a customer they deliver services to on the seat of a train.
At some point you may have left car keys, house keys, wallet, mobile phone, shopping or important files somewhere or other. Such lapses in concentration can be distressing, costly, embarrassing and worse still, dangerous.
Millions of files are transmitted daily to various third party providers such as payroll and billing files containing names and addresses, data cleansing services, marketing services and social media often without any real thought as to what might happen if the data was misappropriated.
But, we are, only human and therefore susceptible to human error.
The Data Protection Act of 1998 and it's update of 2007, was designed to ensure that information held by any party or organisation should be done so by following principle 7 that "appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data".
In practice this means the data a business holds must have the appropriate level of security to prevent it being lost or compromised.
What the act doesn't specify is the security measures you should have in place. Certain industries will have specific standards imposed on them by their regulatory body.
The security measures you put in place as a business will depend on the what your company does.
Physical and technological security should be commonplace in any business along with information and document management policies so employees are well versed on how they manage documents both paper and electronic.
Depending on the size of the organisation, it is good practice to have a person or department who takes day day to day responsibility for security measures.
Technical security of laptops and PCs to protect computerised information are important but often security issues are as a result of the theft or loss of a laptop or mobile device; or old PCs being disposed of without the hard drives being destroyed.
The physical aspect of principle 7 relates to how secure your office premises are such as doors, locks, alarms, CCTV, security lighting and how you control access to your premises.
How do you know if your information is secure?
The act says you should have security that is:-
- Appropriate to the nature of information in question
- The harm that might result from it's improper use, or from its accidental loss or destruction
The act doesn't define 'appropriate' nor does it state you must have the latest state of the art security to protect personal data. But common sense should prevail and a regular over view of your security arrangements as technology advances is a good thing to put in place.
Businesses talk to their customers daily often holding vast amounts of information in a customer relationship database that probably contains where they live, birthdays, spouse details, childrens' names, where they went on holiday and their hobbies.
This is still personal information that a business is holding in relation to another individual/company.
What would happen if this information was compromised?
If you shiver at the prospect of that happening then you need to ask yourself has the organisation taken the appropriate steps to protect and secure information both electronically and paper based.
What steps can you take to ensure that you have the best information/document security in place?
- Implement an information and document management security policy and make sure all employees know what is required of them when it comes to document management
- Data encryption should be used when it is on the move and at rest
- Firewalls in place, DMZ, all USB and removable ports disabled
- User access controls
- Password management
- Personal email and messenger applications blocked for employees
- Clear desk policy
- Internet and email usage policies
- Disaster recovery if relevant to the business
- Implement a print management solution with secure print tracking software so documents are held on a secure print server requiring authentication. Printed documents remain secure and confidential.
You might also be interested in
My background is delivering business solutions for companies that are wanting to outsource a business function by providing expert advice on payslip processing and printing, invoice processing, print, mail and electronic distribution of documents, accounts automation - AR and AP solutions.
Additionally through multichannel those important...
Replies (15)
Please login or register to join the discussion.
Greate post. Keep posting such kind of info on your page.Im really impressed by your blog.
Lipozene
Thanks on your marvelous posting! I quite enjoyed reading it, you can be a great author.I will be sure to bookmark your blog and will often come . Forskolin
Simply want to say your article is as surprising. The clarity on your put up is simply cool and i could suppose you're an expert in this subject. Manila Administration Jobs
Thanks on your marvelous posting! I quite enjoyed reading it, you can be a great author.I will be sure to bookmark your blog and will often come . Manila Philippines PHP Jobs
Its like you read my mind! You seem to know so much about this, like you wrote the book in it or something Quezon City Call Center Jobs
Tubemate Dowmload for pc
Now You Can easily login www.hotmail.it for free
Tubemate For PC Download
Moviebox
Cartoon HD
Happy New Year 2017
Happy New Year 2017
Happy New Year
Happy New Year
Best App To download Tutu Helper
Tutuapp
Nox App
www.tutuapp.vip
www.tutuapp.com
www.tutuhelper.com
Pure Garcinia Cambogia NZ
Garcinia Cambogia
Another great post, I appreciate all the work you put into this site, helping out others with your fun and creative works. forskolin Weight loss
TuTu Helper Download
nice post thank you for sharing .
zetaclear
lifecell
good post Thanks on your marvelous posting- perlelux cream