Protecting the Confidentiality of Your Data

December 2, 2013

We briefly touched on the Confidentiality, Integrity and Availability of your company’s data back in August.

This time, I’ll focus on the first letter of CIA: Confidentiality.

Confidentiality refers to the processes, policies and tools utilized to mitigate unauthorized access to files, data and sensitive information.

This could mean mitigating unauthorized access from hackers to any of your files or sensitive information like credit card numbers and passwords, or it could mean preventing unauthorized access to specific types of data from employees, vendors and clients.

We’d want to protect against hackers accessing your data for obvious reasons. They almost always have malicious intent, whether it be for financial gain or causing trouble for your organization.

Employees, vendors and clients shouldn’t be able to gain unauthorized access, either, but for less obvious reasons.

Usually there won’t be malicious intent in those cases, but you most likely would not want an employee to see payroll data, or vendors and clients to see information about each other.

Some ways to preserve Confidentiality include:

  • Stronger authentication methods to protect against unauthorized logins
  • Clearly defined acceptable use policies to govern who can access what
  • Role- and rule-based network security to enforce the policies and access levels
  • Monitoring to audit who is logging in and what they’re trying to access
  • Encryption to prevent unauthorized individuals from viewing sensitive data
  • Security hardware and software to mitigate attacks from hackers, viruses and malware
  • Ongoing employee education about the latest threats to your network and how to handle suspected access violations

In this age of digital communications, your organization’s key stakeholders will have increased access to more of your information. Even if hackers disappeared tomorrow, vendors and clients would likely still need to be authorized to operate within your network.

With the potential effect of that kind of external access on your firm’s health, protecting the Confidentiality of your data should be a company-wide priority.
