The Business-Technology Weave

Jun 26 2013   11:57AM GMT

NSA, Surrveillance, and New Parameters for Business Liability Coverage

David Scott David Scott Profile: David Scott

docThe National Security Agency (NSA) has a new data storage facility.  It’s 1.5 million square feet of super computers that harbor massive amounts of information.  Much of it is thought to be our phones calls and texts… at least the relevant metadata surrounding these communications, but there’s been considerable speculation about that here in these forums as well as elsewhere.

Business security folks are already asking critical questions:  Do they store your stuff forever?  Or, what stuff exactly, forever?

In match:  How long do you (or a vendor, on your behalf) presently store?  Many businesses have a destruct trigger for data based on taxonomies and dates.  Many organizations at present also have loose, or evolving, or even no standards for what employees can do with company resources.  Even large enterprises with sophisticated Acceptable Use policies don’t adequately enforce them… so –

What if Feds come at you in future, with charges?  They could be charges based on what your sanctioned corporate data allegedly points to, or they could be charges based on what some long-departed employee did under the aegis of the organization’s banner (remember What is being done in the name of your domain? from I.T. Wars?).  Can you, and your legal representatives, assess the charges on a “bit-for-bit” basis, so-to-speak?  Will you have the relevant data from that period?  Or will you be content to take the Feds word for the alleged transgressions of the past, that must now be answered for in the present?  Oh oh…

Update all:

- Security Policies

- Acceptable Use Policies

- Security Training

- All Data Retention and Destruct Policies

-   Monitor what people are doing with work resources –  the org owns the resources, and all associated content – to include anything so-called ‘personal’ that people are crafting with the org’s resources – make clear the org is monitoring everything, and why (again, get training up-to-speed).

The time is now – right now.

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • TomLiotta
    One more Update item: "Contact your federal representatives and tell them to back off with the surveillance.".Tom
    125,585 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: