Dave Fisher says the key to limiting data loss is to look to technologies that control access to sensitive information
Heightened information privacy regulations are proving increasingly problematic for companies, especially those which are frequently required to co-operate with external bodies.
Many companies, particularly in sectors such as healthcare and finance, have to share information with outside organisations on a daily basis, which significantly raises the risk of data loss or security breaches.
The large number of organisations whose current security solutions aren’t up to the job leave staff vulnerable, making them easy targets in security incidences, while also risking the safety of others. This could become even more serious with the proposed amendment by the House of Lords to make it a criminal offense to disclose personal information intentionally or recklessly.
Consequently, privacy regulations aimed at reducing these risks, have upped the compliance burden and boosted costs. In order to monitor internal systems and employees, compliance officers are in many cases being recruited at an additional cost to the company.
However, even new compliance teams are often unable to prevent breaches from happening in real-time, while the absence of audit trails can mean that when incidents occur, companies are unable to trace its origin, leading to severe repercussions for many, often innocent people.
This was the case when George Clooney was admitted to hospital last year after a motorcycle accident. His personal details were leaked to the press, which led to a widespread investigation and 27 employees being suspended as the hospital was unable to pinpoint exactly who had accessed the information.
“The key to limiting this risk is to look to technologies that control organisation-wide access to sensitive information, both internally and externally across multiple platforms.
This demonstrates just how central a good security strategy has become to any organisation. The key to limiting this risk is to look to technologies that control organisation-wide access to sensitive information, both internally and externally across multiple platforms.
This gives external organisations authorised access to centrally-saved information, speeding up business processes, without compromising security. It also reduces the security risk, as previously companies have often had to send hard-copies of sensitive information which, as recent high profile UK Government incidents prove, have a higher likelihood of getting intercepted or lost. With data breaches estimated to cost companies an average £47 for every record lost (Ponemon Institute), data protection is now a very real and serious concern.
New security applications can ensure all employees comply with regulations, which actually reduces governance costs by intelligently monitoring systems and eliminating the need for compliance officers. With this type of corporate-wide compliance infrastructure, employees will be unable to contravene regulations, due to run-time policy enforcements that block any unapproved activity.
Real-time monitoring can identify and immediately flag suspicious trends, preventing employees from breaking company rules, while providing the crucial audit trail that ensures innocent employees are not implicated in security breaches.
This gives companies greater control over customer care and confidentiality, and not only avoids the monetary cost of a data breach, but also saves them from embarrassing security incidents which can significantly damage an organisation’s reputation, and cause customer churn and distrust. Companies must show they value their customers by complying with information privacy regulations and, adopting new technology is the only way to do this successfully in today’s cut throat industry.
Dave Fisher is business development manager at Alcatel-Lucent