Simply Security - News, Views, and Opinions from Trend Micro

Posted on April 25th, 2012 in Vulnerabilities - DO NOT USE by Simply Security | Be the first to comment | Tags: Vulnerabilities - DO NOT USE

Data protection should be a business priority.

A data breach can have serious repercussions on a company, including fines, damaged reputation and even lawsuits. These incidents are often difficult to prevent because they can stem from malicious outsiders, negligent employees and accidentally sharing confidential records with the wrong colleagues. In order to improve IT security, decision-makers need to start with internal assessments and expand outward.

Examining where confidential records are stored is a good starting place. Sometimes the location of information is overlooked by IT departments, according to a ZDnet report, resulting in vulnerabilities that can be exploited. By outsourcing information to the cloud, organizations can reduce these weaknesses.

Cloud computing gives decision-makers the ability to enforce strict and uniform data protection policies that can be carried throughout entire virtual environments. This end-to-end security will help companies adjust to the consumerization of IT as they deploy more mobile devices throughout the workplace by encrypting all sensitive records and blocking unauthorized individuals from accessing them, ZDNet reported.

Additionally, consumerization is requiring data to become more portable, as employees demand the ability to work remotely and still have access to mission-critical information and applications. Decision-makers should consider restricting how transportable confidential records can be, ZDNet said.

By using data classification programs, chief information officers and IT departments can reduce the visibility of sensitive files and only allow certain individuals to view them. As a result, documents will be less exposed and a breach is less likely to occur, even with the advent of BYOD (bring your own device) programs, in which employees can use personal tablets, smartphones and laptops for work.

Decision-makers also need to conduct more structured digital and physical assessments to expose any vulnerabilities that may be easy to overlook, ZDNet said.

According to a recent PricewaterhouseCoopers (PwC) study, internal data privacy and security audits are becoming the most commonly requested evaluations.

"As the risk landscape continues to evolve, the majority of business leaders surveyed said they are not comfortable with how their risks are being managed, although 74 percent of those surveyed have formal enterprise risk management processes," said Dean Simone of PwC.

Organizations also need to ensure they remain compliant with any industry data protection requirements, especially as BYOD and cloud computing drive policy changes, ZDNet reported.

Keeping sensitive data protected should be the No. 1 priority for businesses today, as a data breach can cause customers to lose faith in the company, resulting in loss of revenue, fewer sales and, ultimately, failure to survive the unstable economy.

Data Security News from SimplySecurity.com by Trend Micro