Firstly, any business should welcome these changes as they are a way to further digitise services and enhance our way of life. But with any move to further digitising services that we offer or are offered to us, we need to ensure that the data is protected. Verification should be at the centre of all platforms, at every stage of development, and at the core of every provider-customer relationship. Its integrity must be protected from being modified by unauthorised parties. Data must only be made available to authorised parties to access the information when needed.
What you need to consider:
- Businesses need to look at two key things: where their sensitive data resides and what data is critical to the business to operate. Somewhat surprisingly, many organisations struggle to answer this question. This can lead to misappropriation of resources in the form of security controls being used broadly across the entire organisation, rather than being targeted to where they're needed most. This then results in increased cost to acquire and use security measures.
- Who amongst our employees has access to our sensitive data? Simply knowing who has access to documents or big data stores stops short of understanding to what they have access.
- A key way to reduce risk to sensitive information is to also understand how the data is protected. Is there protection in place, and does it meet the right level to mitigate risk for something that could be mission-critical to a business?