I recently had the opportunity to author an article for CMSWire discussing the importance of understanding what data an organization holds in order to properly protect it.
Security isn’t a standalone concept — it also involves mitigating risk at some cost. In the absence of metrics, people tend to focus on familiar or recent risks, which means we end up acting reactively rather than proactively.
Rather than waiting for risk to arise, understand how data, people and location (both system location and geographic location) create patterns — both good and bad — across your organization. The center — or pivot point — of that strategy should be the data that you hold.
So let’s contemplate the life of data within your organization. Whether data is created within your organization or collected from a third party (customer, vendor or partner), the only way you can effectively protect it is by understanding it. What is the data? Does it contain customer information, employee information, intellectual property, sensitive communications, personally identifiable information (PII), protected health information (PHI) or financial data? The list can become quite extensive.
All companies create and hold sensitive data, and there’s nothing inherently wrong with that. But only once you know what the data is, where it is, who can access it and who has accessed it can you make decisions about where it should reside. You probably don’t need to put the same security protocols around pictures from your company picnic as you do for your customers’ credit card information. Understanding your data is crucial when determining how it needs to be protected.
To read more about protecting your sensitive data, please visit CMSWire.
To learn how AvePoint can help organizations mitigate privacy, information security, and compliance risks across information gateways, please visit our website.
Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities.
Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School.