Secure Information Exchange - Whether It’s Data in Motion or at Rest

Talk to Your Users about Their Info Exchange Needs

April 19, 2010 at 3:29 pm · Filed under Risk Management, Secure Information Exchange, User Experience

By Johnny Wright

We are living in a world where we are forced to constantly think about the security of our personal information—when we bank online, at the gas station when we swipe our credit cards, and even as we submit personal information to the federal and state government. Malicious attacks demonstrate every day that our digital data isn’t as safe as we would like it to be, which is why it’s no surprise that organizations everywhere are dealing with increasing government and industry regulations, and customer and employee scrutiny.

BusinessWeek’s Corporate Executive Board discussed personal data security in a recent article: In addition to high-profile cases that invite this attention, “companies face the challenge of managing a greater volume of sensitive information, created by increasing digitization of employee, health, financial, and other personal data.”

BW’s Corporate Executive Board provides four key steps for mitigating the risk of breaches:

1. Understand the laws, requirements and standards for any data your company collects.
2. Educate and convince your functional partners to comply with the same standards as your organization.
3. Plan to fail—that is, have a backup plan in place in case you do suffer breaches.
4. Don’t take vendor compliance for granted.

While these are all important, valid suggestions, there is an extremely important step missing, one that speaks to allowing employees access to the tools they need (and can use easily) for ensuring the security of the data they touch, whether it’s moving within and outside of the organization or while it’s at rest on their desktops, a shared server, or elsewhere.

Many of today’s breaches are unintentional, usually caused by an internal employee or a corporate partner who, in an effort to execute a task easily and quickly, makes sensitive information accessible to cyber criminals.

As a marketing professional, I’m consistently entrenched at work in exchanges via IM, within shared networks, and/or trading large multimedia files via some mechanism other than traditional email. And, I’m not alone. More and more workers require access to a broad range of communication channels to get their job done quickly and effectively. Ironically, tools to access social communication channels securely are either limited in their scope, inconvenient to use, or worse, just aren’t available. People in my position are compelled, without truly knowing the risks involved, to exchange information in an ad hoc, unmonitored way.

To truly mitigate the risk, I’d like to add to the list:

5. Talk to your employees and partners. Ask them how they interact with sensitive data and what they need in terms of IT support to get their jobs done. Then, using this information, the business and IT can make informed choices about investing in technology and implementing tools and policies for exchanging information not only easily, but more importantly, securely.

3 Comments »

  PCBA Assembly wrote @ August 29th, 2010 at 9:56 pm

As the rising of using the network,the info for personal is exposed more and more often,make someone scare,so we must focus on the info security.

  bobo wrote @ September 3rd, 2010 at 3:53 am

It is important that we should focus on the info security.

  Pandora wrote @ December 6th, 2010 at 9:59 am

technology and implementing tools and policies for exchanging information not only easily, but more importantly, securely.

Your comment