An effective content security strategy does not begin at /home

If you haven’t yet implemented an Intelligent Information Management infrastructure, you are endangering your employer’s very survival.

In both your personal and professional life, you are seated at the helm of your own actions. Never forget, though, that consumers are at all times in control of your professional future (just as you in your capacity as a consumer are in control of theirs).

“According to a new study, 78 percent of people would stop engaging with a brand online and 36 percent would stop engaging altogether if the brand had experienced a data breach.”

Article: Consumers are more ready to abandon brands following data breaches

Most competent business managers understand the risks and inefficiencies involved with a failure to secure their employer’s data. The word breach has become the modern equivalent to burglary.

“Each individual consumer’s personal information now resides on dozens, if not hundreds of servers across the globe. With that fact comes a somewhat obvious result: an increase in identity theft.”

Article: Identity theft stats & facts: 2017 – 2018

A suitable information management strategy will always go a long way toward helping businesses minimize the risk of data theft, even of theft from within. Proper management for all enterprise information — whether it be incoming, outgoing, record, draft or archive — represents the single most important element of data protection.

As the heading of this post suggests, storing files and identifying data locally is now considered to be negligent. Managers who are proactive will minimize the number of network-facing end points on which their employer’s information is stored.

Start with an information audit, which is a systematic analysis of an organization’s use of information as well as the resources and workflows which contribute to its proliferation — all of it aiming toward a verification of the extent to which such efforts are helping the organization to achieve its goals.

After the audit, create a data map to enhance the tracking of content by establishing a match for data between a source and a target (e.g. between a database and a terminology list). Mapping can be unidirectional or bidirectional, and might include the use of an intermediary technology for facilitating the match-up.

Data Mapping

Familiarize yourself with infosec concepts such as compensation controls, inherent risk versus residual risk, and the three lines of cyber defense, hiring as needed to fill important roles in control and risk management. Determine which data sets are the most sensitive to mission-critical operations. Implement an IT infrastructure to facilitate the management of all enterprise information, and thereby add value to your employer’s slice of the eternal infotinuum.