|
Data Protection is common sense By Robert May, Managing Director at leading IT solutions consultancy ramsac
(M2 PressWIRE Via Acquire Media NewsEdge) With the holiday season finally here and numerous events and activities going on, the summer is a time of multiple distractions and this is particularly evident with this years World Cup. It is very easy to give less consideration to more the mundane but crucial business matters. Without giving too many football puns, it would be very easy to take your eye off the ball with regards to essential, but less visible concerns, such as the perennial consideration of data protection. However the penalties, be they legal, reputational or relational can be far reaching and potentially ruinous, particularly with the UK and worldwide economy looking to get back on its feet against significant odds.
The Data Protection Act 1998 sets out robust legislation with regards to the security of private sensitive data and gives a wide scope for penalties when organisations fail to meet the criteria. Whilst data protection is especially relevant for professional organisations and businesses, such as law firms or medical establishments, the onus is on all businesses to take appropriate steps and continually monitor the levels of security to maintain Quality Assurance integrity.
The image of data security within the public sector has been somewhat tarnished in recent times with high profile leaks by government bodies being reported in the media, often with the loss of data being from mobile devices that have been misplaced. If nothing else, these events underline the hugely widened scope for the potential compromise of sensitive data through the increasingly mobile proliferation of modern IT networks and data storage.
There are, however, sensible and logical steps that can be taken to physically secure data: Make sure that passwords are in place to protect sensitive information and that the issuing of such passwords is tightly controlled, with only those that really need it having access to sensitive data.
Limit the amount of data that can be physically copied and removed from designated company sites. This may sound obvious but unless stipulated, many IT networks will not put a physical boundary to employees copying files directly to a mobile device or memory stick. If appropriate, limit the number of physical access points (i.e. USB ports) to the network or instruct the IT manager to amend network settings to manage this.
Where data is legitimately physically removed from the premises on mobile devices (such as laptops, smartphones and memory sticks) make sure that sensitive data files are held in secure, password or encrypted files so that even if they are lost/stolen the data cannot be accessed by unauthorised people.
Naturally the physical removal of data isnt the only way in which sensitive information can be haemorrhaged in an age where the Internet dominates business and indeed much of our general lives, it is still a highly potential access portal for skilled cyber criminals to infiltrate IT systems with often near-total anonymity. Happily there is a vast choice of Internet Security products which can be used to further safeguard the usual password encryption safeguards which, in much the same way as they do with mobile devices, offer the most obvious and straightforward defence against online threats. Internet Security software adds a further layer of protection, to combat nefarious spyware (software which can be secretly used to spy on details entered by authorised users, such as passwords, to bypass standard security measures) and beef up the protection already offered by good network security, which should already be in place on all organisations IT systems.
Protection of data may not be the sexiest business subject, but the consequences of failing to ensure it can be disastrous to your reputation and the company bank balance. With all the numerous IT safeguards available the key is common sense. Data protection has much in common with the protection of any business assets. Keeping the potential for loss to a minimum is as much about good business housekeeping as it is about keeping up with the latest in IT security features. To borrow one more football analogy, it is just as important to stop an own goal as it is to defend against your opponents and you should never be caught off guard.
About ramsac
Founded in 1991, ramsac offers a menu of outsourced stress-free IT services that allows clients to match their individual needs. For some clients it may simply be support at the end of the phone, for others a part-time network manager, for many businesses its help in developing a longer term overall IT strategy. Whatever the requirement clients are guaranteed impartial, jargon-free advice.
This enables those businesses and organisations for which a dedicated in-house IT department may not be practical, to outsource all or part of their IT needs. In return they benefit from properly planned cutting edge IT solutions and support without any of the headaches often associated with managing technology. The end result is that any business can now get top level joined-up grown up IT advice for a fraction of the cost ramsac is committed to providing excellence in customer service and is proud to maintain a 97% client retention rate. In 2007, the company was named as Surrey SME Business of the Year. ramsac is also an ISO 9001 Quality Approved firm, a Microsoft Gold Certified Partner, a Citrix Silver Partner and an accredited Investor in People.
((Comments on this story may be sent to info@m2.com))
(c) 2010 M2 COMMUNICATIONS
[ Back To Homepage ]
|
Home
Featured Article Archives
eNews
RSS FEED
