Take note from HSBC: Compliance is more critical than ever

The only thing worse than discovering your data violates an industry regulatory compliance standard is having a third party break the news. In many industries, including financial services, legal, healthcare and education, organizations are required to maintain a continuous compliance program. This allows for ad-hoc and regulatory scheduled audits to aid in targeted investigations, routine checkups or otherwise. And if you don’t know exactly what’s in your data or where it’s being stored, it’s hard to feel fully equipped to successfully navigate an audit without any violations – minor or otherwise.

Recently, U.K.-based bank HSBC made headlines due to new developments in a case that began in 2012, when a series of compliance violations came to light. While the case includes various factors and its end results remain to be seen, the news drives home an important point about data compliance: internally auditing data on a frequent basis is the key to avoiding violations.

Simply assuming that your company has a strong compliance program without actively measuring its efficacy can set your team up for expensive and complicated damage control down the line. Maintaining compliance with industry regulations, as well as any internal practices, can also help keep your entire team on the same page and prevent costly exposures of sensitive data. In another recent survey of more than 1,000 senior IT staff, 64 percent reported that upholding compliance is extremely effective at preventing data security breaches, as reported by the Wall Street Journal.

If your organization faces strict compliance requirements, solutions that offer data-awareness and visibility into your storage can help your team eliminate potential liabilities embedded within your data in addition to increasing productivity, simplifying operational procedures, and lowering overall business costs.

Read more about reducing compliance risks for your company.

1 Like
Andrew Hay

Andrew Hay

With over 15 years of data security experience in various roles inside organizations as well as advising them, Andrew serves as the chief information security officer at DataGravity. He is responsible for the development and delivery of the company’s comprehensive data security strategy. Prior to DataGravity, Andrew was the director of research at OpenDNS (acquired by Cisco) and the director of applied security research and chief evangelist at CloudPassage.