Skip to main content
Facilitate Magazine: Informing Workplace and Facilities Management Professionals - return to the homepage Facilitate magazine logo
  • Search
  • Visit Facilitate Magazine on Facebook
  • Visit Facilitate Magazine on LinkedIn
  • Visit @Facilitate_Mag on Twitter
Visit the website of the Institute of Workplace and Facilities Management Logo of the Institute of Workplace and Facilities Management

Main navigation

  • Home
  • News
    • Comment
    • People
    • Reports
    • Research
  • Features
    • Analysis
    • Features
    • Round Tables
    • Webinars
  • Outsourcing
    • Contracts
    • FM Business Models
    • Interviews
    • Mergers & Acquisitions
    • Opinion
    • Procurement
    • Trends
  • Know-How
    • Explainers
    • Legal Updates
    • White Papers
  • Jobs
  • Topics
    • Workplace Services
      • Hospitality
      • Catering
      • Cleaning
      • Front of House
      • Grounds Maintenance
      • Helpdesk
      • Mailroom
      • Manned Guarding / Security
      • Pest Control
      • Washroom Services
      • Disaster Recovery
      • Specialist Services
    • Professional Performance
      • Behavioural Change
      • Continual Professional Development
      • Education
      • Management
      • Recruitment
      • Training
    • Workplace Performance
      • Benchmarking
      • Health & Wellbeing
      • Operational Readiness
      • Procurement
      • Security
      • Workplace User Experience
      • Workplace Culture
    • Compliance
      • Health & Safety
      • Risk & Business Continuity
      • Standards
      • Statutory Compliance
    • Building Services
      • Architecture & Construction
      • Asset Management
      • Building Controls
      • Building Fabric
      • Drinking Water
      • Fire Protection
      • HVAC
      • Landscaping
      • Mechanical & Electrical
      • Building Security
      • Water, Drainage & Plumbing
    • Technology
      • Building Information Modelling
      • CAFM
      • Data & Networks
      • Document Management
      • Information Management
      • Internet of Things (IoT)
      • Software & Systems
    • Energy management
      • Energy Management Systems
      • Electricity
      • Gas
      • Solar
      • Wind
    • Sustainability
      • Environmental Quality
      • Social Value
      • Waste Management
      • Recycling
    • Workspace Design
      • Agile Working
      • Fit-Out & Refurbishment
      • Inclusive Access
      • Lighting
      • Office Interiors
      • Signage
      • Space Planning
      • Storage
      • Vehicle Management / Parking
      • Washroom
    • Sectors
      • Corporate Office
      • Education
      • Healthcare
      • Manufacturing
      • International
      • Retail
      • Sports & Leisure
      • Regions
  • Buyers' Guide
Quick links:
  • Home
  • Topics
Know How
Content
Explainers
Workplace services
Manned Guarding / Security
Standards
Compliance
Technology
Topics
Know How
Content
Explainers
Workplace services
Manned Guarding / Security
Standards
Compliance
Technology

Five steps to securing data systems

Open-access content 5th April 2016
Mark Stevens

Mark Stevens explains how to avoid the theft of sensitive company data


7 April 2016 | By Mark Stevens


VTech and Snapchat are just the latest in a long line of high-profile organisations to suffer data breaches at the hands of hackers.


Today's cyber attacks may differ in type and origin, but they typically produce the same result - significant data loss.

Data is the lifeblood of most companies and the long-term negative impact on those who suffer breaches demonstrates just how serious the issue of data loss has become today.

But as hackers continue to get smarter and more persistent, what can companies do to protect their most precious information?

Here are five recommendations to help your company keep sensitive data out of the wrong hands:


1. Identify where sensitive data is at risk
Your customers, business partners, and investors will ask what your security posture looks like, so it makes sense to perform a thorough review of your environment to identify gaps where confidential data, including information contained on mobile devices, could be at risk. You don't have to conduct this risk assessment yourself. There are a number of services available that can quickly help you understand where sensitive data lives and how it is being used.


2. Don't rely on traditional security
Almost 100 per cent of large companies have security programs that start and end 'on the network'. Why? Because it's easier. Racking a security device on the network causes very little organisational friction. Yet the IT teams in these companies then spend almost every day purposely punching holes in the network.

Virtual private network (VPNs) are a common example; their widespread use makes them targets for attackers owing to the high number of potential entry points and often lax attitude towards security from users.

These inevitable holes mean the network will always be vulnerable to attackers. Add to this the fact that many employees operate in a mobile environment and demand access to business information on their phones and tablets - devices that traditional network security measures can't protect.

A layered approach to security is becoming increasingly important for companies, with device-focused technologies such as mobile device management (MDM) playing a big role.


3. Focus on data protection solutions
According to the Forrester report The Future Of Data Security: A Zero Trust Approach, traditional perimeter-based approaches to security are insufficient. It says: "Security and Risk (S&R) professionals must take a data-centric approach that ensures security travels with the data regardless of user population, location, or even hosting model."

Several proven data protection solutions on the market ensure security travels with the data.
Called data loss prevention (DLP), these solutions help classify data, put a use policy against it, and strictly enforce it. DLP is a must-have for any company wanting to protect sensitive customer and business data.

If it is made it fractionally harder to steal sensitive information, or data is rendered useless once outside the network, attackers will move to another company that presents an easier target. As data remains the target and its attack surface continues to grow, protecting that data must be at the core of every company's security approach.


4. Outsourcing data protection
A way around the challenges associated with implementing advanced data protection strategies is to outsource to a managed security provider.

Many of these companies have deep DLP expertise and proven infrastructure, meaning that you can concentrate on your business while they keep your data secure. If your IT team is already stretched, this approach gives you the comfort of knowing that customer data is being protected without taking valuable staff time. This will also help you meet the various standards demanded by customers, banks, and other security-sensitive organisations.


5. Step up security training
Employee security awareness is a critical step to protect customer data. Go beyond the annual refresher that no one takes notice of.

Innovative companies are using technologies to help employees self-correct any risky data habits. For example, a customer recently reported an 85 per cent decrease in data use policy violations after six months of using real-time, pop-up prompts.

Sometimes, all an employee needs is a simple reminder of what the corporate policy is, and how to adhere to it.

Customers and business partners will increasingly demand that companies show proof of security and monitoring to protect sensitive data.

The security of the information supply chain is gaining traction within IT security circles and companies are realising that the weakest link in their security posture may not be within their own walls, but rather inside the walls of those with whom they do business.

If you follow the above steps, not only will you be able to demonstrate that you're protecting the data you possess, you'll also be in a position to use your strong security posture as a differentiator.

 

Mark Stevens is senior vice-president of Global Services

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Most-Popular

 

Latest Jobs

Building Manager

City of Westminster
GBP55000.00 - GBP65000.00 per annum +
Reference
54299

Senior Project professional - Student Accommodation

London (Central)
£85,000 – 100k plus bonus and package
Reference
54296

Business Development Manager

Havant
£42k ++ Package
Reference
54294
See all jobs »

 

 

Sign up to our newsletter

News, jobs and updates

Sign up

Subscribe to print

Sign up to receive our weekly Redactive News e-newsletter.

Subscribe
Facilitate magazine cover, June 2020
​
FOLLOW US
@Facilitate_Mag
Facilitate Magazine
Facilitate Magazine
CONTACT US
Contact us
Tel: 020 7880 6200
​

IWFM

About IWFM
Become a member
Qualifications
Events

Information

Privacy Policy
Terms & Conditions
Cookie Policy
Think Green

Get in touch

Contact us
Advertise with us
Subscribe to Facilitate Magazine
Write for Facilitate Magazine

General

IWFM Jobs
Help

www.facilitatemagazine.com and Facilitate magazine are published by Redactive Media Group. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive, Level 5, 78 Chamber Street, London, E1 8BL