July 22nd, 2016 by Brian Courtney
Data Security, simply put is protecting data from destructive forces and from unwanted actions from unauthorized users. Data itself can take many forms inside a normal business structure. Data can be sensitive personal information about employees, or customers. Data can be pay rates and price structures. Data can be contact lists or sales leads. All businesses from the smallest to the largest have data in some form that they do not want shared or cannot afford to have shared outside the company or even, in most cases, within the same company. Enough said. We all understand the risks.
Does the data security strategy in your company stop at what we might call a “high level”? We encrypt and we require logins and have password schemes and we do data masking. The IT Professional (let’s call him Nigel) does everything he can on a global level to secure the sensitive data. What about on an individual level?
When an end user (Sally or Sam) needs to have that same data in a usable and meaningful form, and have to be able to view, edit or (GASP) print the data, then that secure data is exposed and in its most unsecure form. Real money (as opposed to Monopoly Money, or Imperial credits) has been spent on studies and reports by advanced propeller heads that point to our handy multi-function devices as the weakest point of security for data and in many cases the network itself. When Sally or Sam press the print button or press the scan button and the data transforms from physical to digital or digital to physical, do we let the user decide the data security strategy?
In my 16 years of experience being embedded in corporate America in one function or another, the overwhelming answer to the above question is YES!
Access to the Data Determines the Data Security
Nigel works hard to prevent Sally and Sam from accessing sensitive data, but someone has access to sensitive data.
Someone had the credentials to access and print the data. Someone also became a security breach. There are many strategies and solutions to help close this security breach. Data needs to be examined before output. Data needs to be examined when scanned and in some extreme situations, data needs to be examined before being copied. Users should not decide the data security strategy, either unwittingly or wittingly (is that a word?) by objecting to procedures or security measures that they may find cumbersome and cut into valuable Facebook time.
Many solutions to the issues above are available on the market today. Van Ausdall & Farrar can assist in determining the correct solution for your security needs both from a network level and from a document and user level. We would be happy to partner with your Nigel and Sally and Sam to find a solution that works and a solution that keeps all your data secure.
Posted in: Insights from VAF Blog