Cinderella finds her slipper…

Posted on 10 December 2010

There is a lot of interest at the moment in security, data loss prevention and data protection in general. While the media interest surrounding data breaches continues and reputations are slowly torn at the edges, some interesting things have happened recently that are pointing towards a very interesting future ahead for those of us involved in the sector. I’m not going to go into much detail – suffice to say that the unfolding storm that is Wikileaks has focused the attention of Corporate leaders on the issue. Couple this with serious fines imposed this year in relation to data loss by the Information Commissioner in the UK (£160k), the UK Financial Regulator (£2.28m) and most recently the award of $1.3bn (yes, read that again, its billion!) won by Oracle against SAP for software/data theft in the US. Finally, in November, the German Data Protection Authority imposed a fine of €200k for using customer data for marketing purposes without consent.

Suddenly it seems security is being taken seriously – its no longer the Cinderella in the room. In these turbulent times it beholds every executive to examine their processes carefully and ensure that they mitigate risk and the untold damage that security breaches can do by embedding solid security principals right in the centre of the organisation. Neil MacDonald of Gartner wrote a very interesting article earlier this year where he talked about the importance of getting away from focusing on data loss prevention and instead looking at data lifecycle protection, in the article he reiterated a clear conclusion: “Data protection is the process of identifying and understanding where and how sensitive information is created, consumed, processed, moved, shared, stored and retired and protecting it throughout this lifecycle.”  And that is really what it is all about – Data Protection is not about silver bullets, its not about raising impenetrable steel walls, its about embedding security and data protection in at every stage of the business process – clearly it makes good business sense, and it absolutely can add value when done correctly. Data Protection is tightly linked with Data Quality and our colleagues over at Castlebridge Associates have been flying this flag for a long time. The Information Commissioner of Ontario Canada, Dr. Ann Cavoukian has been advocating a system called “Privacy by design” for a long time. She has a free eBook available which is a very good primer and worth reading.

In the meantime, we will go back to solving the big problem – making compliance easy, one slipper step at a time…

Watch this space!


Responses are closed for this post.

Recent Posts

Tag Cloud

Avast beta business compliance Contracts Data loss Data protection design Dont Click Send Fail Finance fines HIPAA HIPPA ICO Isolate Launch Legislation Medical Outsource Privacy by design secret sauce Security Software UK United States

Meta

Isolated comments… is proudly powered by WordPress and the SubtleFlux theme.

Copyright © Isolated comments…