Trending Now

Securing Content, Documents, Information and Data

We’ve all been there. An email meant for one person goes to a group. A document intended for your team goes out to the client instead. Red-faced mea culpas ensue …

But what happens when the document you or your team inadvertently sends out includes sensitive information that you – and your legal team – have agreeing to keep confidential? In our all-digital world, once it’s out there, it can be difficult if not impossible to get back.

These kinds of mistakes can erode trust. That makes it critical to have policies, processes, training and tools in place to protect data and information that you’ve promised to safeguard. It’s also critical to understand that this is not primarily a technology problem, even though your tools and how you use them do play an important role.

Tools to Protect Data

Let’s start with the most basic tools. Any potentially public point of access to data has to have an appropriate level of security built right into it. From SSL certificates (for every business) to “bank-level” security to protect financial and similar transactions, the security you need for your website, intranet, and online-accessible databases will vary depending on the information you are responsible for and who needs access.

Two-factor authentication and token-based authentication are among the other tools to consider depending on your needs, as are database protections, server hardening, and firewall protection designed to repel attacks before they ever get close to your data.

As important as what tools you use is how you use them. Consult with experts to implement the right combination of tools, and consider regularly scheduled audits to make sure they remain in place and functioning as expected.

Tools to Enable and Control Sharing

Streamlining sharing protocols and procedures can help with compliance. Just about every content/data management tool you might use provides some measure of granular control for access, sharing, and editing and other tasks based on role or department or other user criteria. This includes even the most basic free versions of tools like Google Docs, Box, and Dropbox. And as you move up the cost and complexity ladder toward enterprise-level platforms, the tools and controls become much more sophisticated and can be customized to fit your team’s workflow needs.

Processes to Support People

Beyond those tools, you need to invest in training and processes to help your team follow the security standards you set up. Underline the importance of security to your employees. Teach them how to use the tools and processes required of them, and make it easy to do so. These three steps go hand-in-hand because compliance will be lower if there’s no understanding of overall business goals, and cumbersome processes will have team members choosing expediency over procedure even when they know the consequences.

Keeping it All Working

The key to making these tools work for you and not against you — that is, providing protection without draining productivity — is to review and update the tools and their settings on a regular basis. There is no excuse for a “set it and forget it” mindset here as threats to privacy and confidentiality change rapidly. The audits I mentioned earlier are a big part of this, as is reviewing with your team what is working well for them and what is not.

At the outset and for your reviews, be sure to include representatives from divisions across the organization. Technology, HR, sales, and marketing will all need a say. As will Compliance, of course, if your firm is subject to industry regulations.

If this is all new to you and you’re intimidated — or simply want to arm yourself with info before stepping into a meeting with department heads who likely have competing agendas — seek out examples of others in your industry, particularly those who may have experienced public missteps to see how they’ve improved their processes and tools.

You might also consider a conversation with your insurance team, as they should have experience in cybersecurity and similar areas. They should be able to bring you up to speed on the general compliance regulations that may apply to you. GDPR, CCPA, NY Shield Act may sound like so much alphabet soup, but understanding their general thrust and your responsibility to comply will help you develop a workable plan as you reconcile needs with everyone’s desire to minimize the burdens of compliance.

If you’re not a bank or other financial institution, you likely don’t need the level of protection they do. But you will be better off with a “go bigger” mentality as your starting point than working your way up from “quick, easy, and cheap.”

Avatar

Andrew Schulkind

Since 1996, Andrew Schulkind has asked clients one simple question: what does digital marketing success look like, and how can marketing progress be measured? A veteran content marketer, web developer, and digital strategist, Andrew founded Andigo New Media to help firms find a more strategic and productive mix of tools that genuinely support online brand goals over time. With a passion for true collaboration and meaningful consensus, his work touches social media, search-engine optimization, and email marketing, among other components. He views is primary goal as encouraging engagement. Getting an audience involved in your story requires solid information architecture, a great user experience, and compelling content. A dash of common sense doesn’t hurt, either. Andrew has presented at Social Media Week NY and WordCampNYC, among other events, on content marketing and web-development topics. His technology writing appears on the Andigo blog, in a monthly column on Biznology.com, and for print and online publications like The New York Enterprise Report, Social Media Today, and GSG Worldwide’s publications LinkedIn & Business, Facebook & Business, and Tweeting & Business. Andrew graduated with a B.A. in Philosophy from Bucknell University. He engages in a range of community volunteer work and is an avid fly fisherman and cyclist. He also loves collecting meaningless trivia. (Did you know the Lone Ranger made his mask from the cloth of his brother's vest after his brother was killed by "the bad guys?")

Join the Discussion

Your email address will not be published. Required fields are marked *

Back to top