Business

Building a data protection framework

With the common maxim today being that data is more valuable than oil, there’s no doubt it’s one of the most important assets a business has.

02 December 2019

With record fines starting to be imposed on companies failing to protect customers’ data, its protection is fast becoming a top priority for organisations. The challenge is ensuring it’s kept safe and secure, while also being readily available to employees who need it, and guaranteeing the integrity and confidentiality of it.

So where should a company begin? Tallen Harmsen, head of cyber security at Indigo- Cube, says a business must have visibility into and around its data to begin building a data protection framework. “You have to know how it’s being consumed and who’s consuming it, otherwise you can’t implement a framework of policies and controls to protect it. The standards are important, but it’s also important to work backwards once you know what needs to be protected. When you know what personal customer information you have, who’s using it, and how, then you can implement the policies and controls, encapsulated in the standards such as ISO, necessary to protect it. Beyond that, you must also ensure that with the processes, you have the correct technologies to support them and people who apply them.”

ITWeb Premium

Get 3 months of unlimited access
No credit card. No obligation.

Already a subscriber Log in