Protecting Privacy and Ensuring Compliance

By | December 1, 2006

2006 has been the year of the security breach. It seems as if a day doesn’t go by without another news story about a sensitive data breach at a government agency, large educational institution or well-known corporation. Yet security breaches and loss of valuable intellectual property can happen to companies of all specialties and sizes. Today’s mid-sized organizations must also tackle issues of compliance and other regulations in order to successfully manage their business and secure their data. However, many solutions designed to help organizations meet regulatory requirements are priced for larger organizations.

Luckily, there are solutions available to mid-sized organizations, enabling them to implement the right protection at the right price through channel programs. These reseller programs are specifically designed with mid-sized businesses in mind, providing them with ways to address regulations like the Sarbanes Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm Leach Bliley Act (GLBA). Further, they are able to ensure the company’s confidential information remains protected, safeguard valuable data, and define employee “appropriate use” guidelines.

Solutions made available through reseller programs can bring enterprise-class information protection to mid-sized businesses and help customers in industries such as banking, finance and healthcare secure their private customer data and other sensitive records to protect brand and public reputation, as well as to meet stringent compliance requirements that put organizations at risk of significant fines or other penalties.

The right type of solution should allow organizations to monitor all sensitive data-in-motion, as well as capture critical content to enable them to investigate exposure after-the-fact and improve their overall information security policies.

In today’s market, resellers of such solutions have many opportunities. Industry analyst IDC estimates the worldwide outbound content compliance market will exceed $1.9 billion by 2009. Moreover, leading solution providers will continue to seek out channel partners who have existing relationships with mid-sized businesses that have a need to protect against inappropriate disclosure of sensitive privacy information.

Here are ten helpful tips for today’s mid-sized organizations looking for a data protection solution through a reseller:

Define Your Data – An effective data protection plan should require IT administrators to classify data using multiple techniques in order to ensure that unstructured data, such as source code, is protected.

Know What’s Leaving the Network – IT administrators should deploy a content monitoring appliance to discover if private data or intellectual property is leaving the network or if employees are using the network inappropriately.

Define and enforce security policies – Educate employees on your security policies and communicate that these policies will be enforced.

Define Authorized Users – Create rules that define who can access private data and intellectual property.

Identify and Protect Data at Rest – An information protection system must view pre-registered known sensitive content and protect it before it leaves the network.

Capture Information – Your protection plan should take into account the need to capture, store, and analyze network content after the fact in order to ascertain how the information leaked and guard against similar attacks.

Manage the Solution – IT should choose a solution that provides tools to support centralized policy creation, reporting, and management.

Prevent Exposure – Make sure you can receive alerts when a policy is breached, block sensitive data from leaving the network, and take other enforcement actions.

Update Intellectual Property Definitions Regularly– Intellectual property takes on many forms, so be sure to regularly define it to ensure it’s protected.

Leave a Reply