With hackers growing ever more sophisticated, fully protecting your data is that much more difficult. The following guidelines are based on a recent report by Ernst & Young.
It is time to rethink information security programs and strategies to keep your company's most valuable assets safe, according to Information Security in a Borderless World, a report released today by Ernst & Young LLP.
Advancing technology, including cloud computing, social media and mobile devices, creates far too much access to information to rely on traditional barricades, said Bernie Wedge, Americas Information Technology Risk and Assurance leader, in a statement. Even internal employee emails have become a target by external hackers. Traditional security models no longer work in this borderless world. Companies need to embrace change in their security programs in order to thwart both external hackers and threats that arise with new technologies in their own organizations.
Building on the findings from Ernst & Youngs 2010 Global Information Security Survey, the report proposes five interlocking phases of a transformational information security strategy to earn trust in a borderless world. It details specific opportunities for companies to achieve each action, including:
1. Identify the real risks - Define the organizations risk appetite, identify the most important information and applications, where they reside and who has access to them, and assess threats and develop predictive models.
2. Protect what matters most - Focus on business drivers and high-value data, assume breaches will occur and improve processes, balance fundamentals with emerging threat management, and establish access control models.
Read more about data protection guidelines at eSecurity Planet.