The Business-Technology Weave

Dec 28 2010   11:55AM GMT

You don’t know what you don’t know



Posted by: David Scott
Tags:
business plans and policy
business security
content management
content security
data security
enterprise resource management
enterprise resource planning
enterprise security
information systems
intellectual property
intellectual property security
IT security
MIS
security policyi and plans

 

When securing information, intellectual property, data (hard and soft, paper and electronic; hereafter referred to as content) it’s first necessary to know what you have… and where.

 

Once you know what you have and where, it should be relatively simple to secure data.  Note that I didn’t say “easy.”  But in terms of simplicity, there’s a relatively flat qualifier – something very initial – to securing content that comes before anything else.  Something comes prior to any associated system, and any hierarchy of control regarding such things as outside regulatory oversight, internal control, general stakeholder interest (that is, specific department oversight), and general principles of security.

 

Initially, any activity involving content requires looking through a security prism.  Merely consider content’s “lay” (its location, its residency, its container, its present status, et al) vis-à-vis your upcoming, intended, action on that content.

 

The view through security’s prism must always generate this question: 

 

Will my action on this content compromise, or possibly compromise, its protection, discretion and safety?

 

Of course, by extension we’re really talking about the organization’s protection, discretion and safety – as well as allied parties (clients, customers, partners, etc.).  It’s essential to take a big picture view and make best consideration of all interests, involvements and relationships.

 

If your staff doesn’t know to take this view, doesn’t know to ask this question, then it doesn’t know how to handle and protect content.  Simple.

 

You don’t know what you don’t know – ‘till you know it.  Survey and account for data.  Then~

 

Bring the associated system(s) of control to bear, ensure their effective use through training and ongoing awareness.  Most breaches of content and exposures are due to human error.  Ensure appropriate human awareness for treatment of content by reinforcing that look through the security prism.

 

Remember:  Know what you have; know how to protect it.

 

NP:  Thingamagig – The Mel Powell Trio – Original 1954 Vanguard LP.

 

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: