Tactical Advice

Secure — From the Inside Out

Data is the currency that makes your business tick. That's why keeping it safe is more important than ever
This story appears in the December 2008 issue of BizTech Magazine.

Photo: Hotshots Imaging
Jim Shanks, Executive Vice President and former CIO of CDW

In a recent poll of BizTech readers, technology managers named remote access, disaster recovery and security as their top three IT priorities. The last thing any business would want is to have their company’s sensitive data wind up in the wrong hands. As businesses invest in electronic data systems and infrastructure, intellectual property in the form of data — not hard cash or capital assets — has become the new currency. That’s why a growing number of IT managers are shoring up their networks with security tools to ensure that no data leaks out — accidentally or on purpose.

When it comes to security options, market research firm International Data Corp. reports that 81 percent of IT managers invest in some type of data technology to protect and control their sensitive information. According to IDC, data loss prevention (DLP) and encryption are the key features of a comprehensive data protection strategy.

What’s driving the increased investment in DLP and encryption? For starters, as businesses revamp their infrastructure and increase productivity through new technology systems, data becomes more and more central to a company’s viability and competitiveness. That data — such as customer lists, margin reports and pricing algorithms — help define the competitive differences among businesses, making them too precious to put at risk. Additionally, an increasing number of businesses must also comply with numerous regulations that govern the handling of confidential data.

Sharp HealthCare is a good example. The San Diego-based health-care provider must not only comply with regulations such as the Health Insurance Portability and Accountability Act (HIPAA), it must also prove that it’s in compliance. After putting comprehensive data loss prevention tools in place, the company says it reduced security policy violations by 70 percent in the first year of deployment. The tools Sharp chose also have helped the health-care provider maintain the detailed documentation that proves it complies with those regulatory provisions.

More Than Software

Software tools are critically important — and a good start — but they have to be coupled with training that heightens employee awareness. With restrictions on access and tools to audit usage, the next step is limiting and controlling access to sensitive data to authorized users and training those users to handle this information properly to reduce the risk of data loss.

“Most employees mean to do the right thing; they don’t want sensitive data to leak out either,” says Starla Rivers, technical security architect at Sharp HealthCare. “Our challenge is to make it easy for them to comply.” Rivers adds that training programs and technology tools need to be “something that we are doing for them, not to them.”

As Rivers points out, employees may mean well, but if they aren’t in the mind-set of looking out for potential leaks, they can’t be expected to cooperate. The reality is that the software is fairly easy to deploy and doesn’t require much extra work from the staff. There should be little impact on the typical day’s work flow.

“The important thing is that there be no surprises,” says Kam Golpariani, vice president of security risk management at First Advantage in Poway, Calif. “This can’t be something that comes out of left field, which is why a phased rollout is the best approach.”

Jim Shanks is executive vice president of CDW, an $8.1 billion provider of technology solutions for business, government and education based in Vernon Hills, Ill.
Sign up for our e-newsletter

Security

Three Ways to Integrate Fire... |
Follow these tips to align the devices with log management and incident tracking systems.
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...
The Value of Converged Infra... |
Improvements in security, management and efficiency are just a few of the benefits CI can...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Hardware & Software

New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.
The Tools That Power Busines... |
Ever-evolving analytic software can greatly improve financial institutions’ decision-...