Search in ISMS Guides


Sunday, September 2, 2007

The Risks to Data Security

here are many, diverse threats to data which a manager of the typical mid-size business must overcome. For his information systems, five key threats should be top of mind:

1. User error – A simple mistake on behalf of an employee could lead to the loss of megabytes of critical company data. From the deletion of a critical file to the accidental deletion of database records, your customers could face large expenses and significant down time recovering the disaster created by a simple mistake.

2. Employee theft – Employees need access to sensitive data in order to perform their jobs. Your customers have to limit the information to which employees have access, ensure that terminated employees no longer have access to sensitive data, and be able to track who's touching what, when and how.

3. Privacy violation – How do your customers protect the personal information with which their customers entrust them? Security breaches can mean that personal data can fall into the hands of the wrong people. In order to maintain your customers' trust, you must ensure that their data is safe and sound. In addition, many governments are now legislating privacy, which can mean fines or imprisonment if sensitive customer data is not secured.

4. Disaster – What natural disasters or unfortunate accidents might affect business? Magazines daily contain news of organizations that have faced unbelievable catastrophes. In the event that your or your customers' organizations are hit with a fire, flood or other disaster, how will the data be protected?

5. External attack – While less common for small business than the Fortune 1000, preparedness against external attacks is crucial. These attacks may take many different forms, from viruses to intrusion by hackers. Proper security measures must be taken to prevent disruption from these adversaries.

These five key vulnerabilities can lead to critical data loss and may ultimately lead to business failure. Additional information can be found at the following links.

No comments: