This week, Gartner research suggested that high profile data breaches and ongoing rapid changes in technology would force organisations to revise their data security policies before the end of 2012. According to Gartner, the proliferation of cloud computing and location-based services means that many organisations are battling to get to grips with the security implications of having data that resides outside corporate control. This pressure for change will be further driven by time and budgetary constraints, says Gartner.
There’s no question that evolving business processes and technologies mean that organisations have to re-think their data security strategies. But ever-present time and money factors mean that, as Gartner’s Carsten Casper puts it, privacy programmes will be “chronically underfunded” for the duration of the current global budget crisis. In this situation, finding the right balance between too little protection and too much can help organisations ensure that data security remains at the top of the business agenda without becoming a drain on resources.
A key element of achieving this balance is flexible policy. Without getting too bogged down in the fine detail of regulatory requirements, many organisations will find that a lot of the controls and policies they need are already there – they just need to be managed correctly. Flexible policy engines and content inspection capabilities tailored to the specific needs of each section of the enterprise can reduce administrative time and expense without compromising on data security.
But it’s not just the tangible solutions that businesses should be considering over the long term. Most organisations have adopted a policing approach to data security, blocking websites or only referring to policy when something goes wrong. If security is to become a more cost-efficient, flexible part of the business, it’s vital that organisations get to grips with making policy a living, breathing part of their business. This means making security more visible within the business, taking it out of the shadows and adopting flexible policies that can be integrated across the organisation.
Visible security means better informing users of company policy and using tools that remind them of what constitutes a security breach or inappropriate use of company data resources.
It’s time to move beyond a box-ticking approach to data security and adopt a more proactive, flexible one. Apart from making good business sense from a compliance point of view, it can help organisations to manage tight financial and time resources more efficiently. And that’s good news for everyone.
by Clearswift
There’s no question that evolving business processes and technologies mean that organisations have to re-think their data security strategies. But ever-present time and money factors mean that, as Gartner’s Carsten Casper puts it, privacy programmes will be “chronically underfunded” for the duration of the current global budget crisis. In this situation, finding the right balance between too little protection and too much can help organisations ensure that data security remains at the top of the business agenda without becoming a drain on resources.
A key element of achieving this balance is flexible policy. Without getting too bogged down in the fine detail of regulatory requirements, many organisations will find that a lot of the controls and policies they need are already there – they just need to be managed correctly. Flexible policy engines and content inspection capabilities tailored to the specific needs of each section of the enterprise can reduce administrative time and expense without compromising on data security.
But it’s not just the tangible solutions that businesses should be considering over the long term. Most organisations have adopted a policing approach to data security, blocking websites or only referring to policy when something goes wrong. If security is to become a more cost-efficient, flexible part of the business, it’s vital that organisations get to grips with making policy a living, breathing part of their business. This means making security more visible within the business, taking it out of the shadows and adopting flexible policies that can be integrated across the organisation.
Visible security means better informing users of company policy and using tools that remind them of what constitutes a security breach or inappropriate use of company data resources.
It’s time to move beyond a box-ticking approach to data security and adopt a more proactive, flexible one. Apart from making good business sense from a compliance point of view, it can help organisations to manage tight financial and time resources more efficiently. And that’s good news for everyone.
by Clearswift
No comments:
Post a Comment