5 Security and risk management tips from Gartner
For a long time, data security has been a reactionary affair. IT teams would implement some software or protocols designed to keep everyone out, but, for the most part, the heavy lifting in security didn’t come until something bad happened. Now, the consequences of any data breach have been magnified by the amount of sensitive employee and customer data every company manages. Companies need to get data-aware, but too many of them still treat risk management and security the same way they always have.
A recent report by Gartner analysts Paul Proctor and Andrew Walls, “Digital Business Forever Changes How Risk and Security Deliver Value,” discussed how trends like mobile, social, cloud and big data have changed the ways companies secure their information. The analysts explain how relying only on traditional security tools at the perimeter of your IT environment can lead you to miss key opportunities to add value to your company. Security concerns should inform your business decisions, help your IT ecosystem evolve with data protection in mind and protect data at its core. A few additional takeaways from the report are below.
1. Assess your risk posture every time your company adopts a new technology platform.
Your C-level executives will always be on the lookout for new ways to improve operations, while different departments will do the same to make their jobs easier. These new tools can alter the processes you follow and the risks your company deals with every day. They also add more data to your environment, and that data will need to be stored and secured.
2. Go above and beyond on compliance.
It’s important to adhere to regulatory industry standards, but tools such as data-aware technology can help your company exceed the compliance status quo. Develop your own internal compliance guidelines that take your specific risks into consideration.
3. Calculate the costs of your security risks.
Proctor and Walls describe one automobile manufacturer expressing its downtime and outages in terms of the amount of cars lost in a given time period. You already know that every breach or outage represents time not spent building your product or serving customers – after all, an hour of downtime or a week spent investigating a breach is bound to interfere with your business operations. To put this cost in perspective, calculate your lost productivity in terms of the economic damage it can have on your organization.
4. Know that security risks change as IT becomes more consumer-focused.
Your employees likely use their own tablets and smartphones to do their jobs more effectively. However, any behavior that puts sensitive corporate data or customer information at risk can lead to significant consequences for your business. Tailor your bring-your-own-device protocols, enforce them among your employees, and keep your on-premise data secured with frequent audits and reports.
5. Give every employee a hand in your security efforts.
From the C-level down, employees need to keep security and risk management in mind for every decision they make for the company. The amount of data every company stores, paired with the expanding threat landscape in the IT industry, has greatly outgrown traditional security practices. Securing sensitive and confidential data at its core demands an approach to security that acknowledges the shift and gives every member in every department a seat at the strategic table.
Learn more about becoming data-aware by watching one of our demos.1 Like