Derek Mizak, Senior Solutions Consultant at Ergo, pointed out that it is often the most simple steps which are the most effective. In this case, data managemnet acts as the foundadtion to data protection. "They don't need to be expensive or complicated practices, they just need to be executed consistently". It comes from knowing your information, first and foremost". Know your information, know where it's stored, carry out risk assessment and put adequate measures to protect it in place".
Take this opportunity now, while there's time, to give your data storage a sring clean - take stock of all the data your company is holding, and assess whether you still actually need it. This includes everything from cloud storage to that USB stick left sitting around on ashelf.
"If you lose your laptop with a list of customers on it, that's a drastic thing but it can only go so far: whoever is looking after information security at your company is going to find out that the laptop has been lost. But if there's a breach to the company website there's less chance of anyone finding out. Not unless they're carrying out regular vulnerability checks."
"The general level of awareness around data protection is low at the moment, but it really is your first line of defence. Protection, detection and awareness, you really can't do one without the other".
More and more, we have been hearing about companies who are not yet fully compliant with GDPR. In the latest...Read now
Security architecture refers to a unified security design that addresses requirements and potential risks involved in a certain scenario or...Read now