Data compliance: building continuity that meets industry regulations - Plan4continuity Blog


Compliance and regulation are designed to make things safe and secure. But in reality, meeting regulatory requirements can be like unravelling the Gordian Knot itself. Like it or not, regulations, if not adhered to, can make one liable for a hefty fine or, in extreme cases, imprisonment. But regardless of the standard that one implements, there are common principles that should be upheld and key elements that are essential to meeting data compliance regulations. This blog takes a look at some of those considerations and touches on why they are so important to your organisation.

 

Access control

Whether data is in the cloud, on hard copies or on local storage arrays, access to it needs to be controlled. A good way to do this is by using a role system in which employees are placed in specific profiles that govern their level of access. I recall an incident where a scuffle broke out in an office building where an employee gained access to the payroll system and saw what other staff earned, and was less than pleased with what he learnt.

 

Security

Hackers are not unshaven, coffee-addicted social misfits who operate from dark, mouldy basements hacking into systems and causing cyber-mayhem. They often use social engineering and good old breaking and entering to steal data and breach security systems. Run regular maintenance audits and criminal checks on security personnel. Compartmentalise data and restrict access to areas in the workplace.

 

Transmission protocols

Always use the best information security software and procedures. Insist on data encryption, even within the business. Secure wireless networks and control access to them, as they are often a target for hackers. Keep software and security applications updated and be careful about what is communicated via email.

 

Key-holders

Always delegate responsibility to competent people. Staff who either possess keys or access codes need to be made aware of the risk of sharing their access methods with others. Be sure to regularly communicate security loopholes and what is expected of employees to minimise risk to the organisation.

 

Data integrity checking

Always run scheduled checks on the integrity of data. I have many times encountered backup data that is corrupt or has been modified. Regular test restores of backed-up data will ensure that you avoid any nasty surprises when the time comes to perform a restore.

 

Backup and redundancy

Back up your data securely using multiple methods where possible. Use reputable cloud providers who are data compliant themselves and who have a culture of compliance. Make sure that your service provider understands the legalities behind data management and that they have the security of your data assets at heart.

 

Human error

Train your staff to be very careful as to what they post on social networks and what they send via email. Most of all, insist on a password rotation policy, that personnel password-protect their computers and that, as far as possible, they do not store confidential data on laptops and tablets.

 

Protection of private information

It is imperative to protect access to and dissemination of personal information. In an age where "kitty pictures" go viral in minutes, one can cause irreparable damage if personal information is leaked.

 

Compliance needs revisiting on a regular basis

Data compliance is an important aspect of business continuity and disaster recovery. Data theft can have far-reaching consequences and bring a company to its knees. Do not put off data compliance and place your organisation at risk. Think of the potential financial, organisational and reputational damage to your organisation and what it would take to recover from it. But as we move steadily into the next phase of our interconnected digital reality, the challenges and opportunities will present themselves. It’s how we react to them that will determine how agile – and compliant – we ultimately become.

 

Image Credit: wikimedia