Security Slideshow: Eight Data Security Time Bombs
By Samuel Greengard | Posted 12-07-2010
It's no bulletin that governance, risk management and compliance (GRC) issues are at the forefront of enterprise thinking and decision-making. It's also clear that they are becoming increasingly nettlesome-particularly as the swath of information technology systems expands and reaches beyond the four walls of the enterprise. Virtualization, cloud computing, mobility initiatives, social networking and advances in data portability and storage are producing a spate of new challenges and concerns for CIOs. Running afoul of governance and compliance requirements-internal as well as those mandated by a government-can quickly translate into costly errors, fines and data loss, along with negative publicity, a tarnished brand name and, in the end, diminished revenues. Navigating this new digital order means addressing GRC risks up front. Unfortunately, the danger points aren't always as obvious as you might think. Sure, there are the no-brainers, such as PCI compliance for anyone dealing with customer data, but when was the last time you considered how much information is floating around your organization in lowly spreadsheets? These danger points that can undermine everything from records retention and data sharing to security and privacy. Here are eight time bombs that could contribute to compliance breakdowns and failures within your organization:
Eight Data Security Time Bombs
Storage Creep The proliferation of data-especially across a mÃ©lange of systems, devices and departments-often translates into little or no knowledge of what actually exists and where everything resides. An organization that lacks a robust discovery process and storage optimization can easily see data go AWOL.