The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/80353
best practices Avoid an Information Fumble and Protect Your Data by Andy Teichholz of Daegis "Gentlemen, it is better to have died as a small boy than to fumble this football," said John Heisman — prominent player, famed coach and namesake of the trophy awarded annually to college football's best player. Extreme? Perhaps, but in football, a turnover can easily result in points for the other team and be the ultimate difference between winning and losing the game. Heisman may have lamented the virtues of football security in the early 20th century, but only recently has information security received the attention it so rightly deserves. The "ball" in the enterprise game is information. Fumbling your organization's information assets could result in the loss of much more than a game. If sensitive information is breached due to a failure to put appropriate information security policies and procedures in place, the result could be a major disaster. With so many disparate data sources floating inside and outside the firewall, corporate legal, IT, data privacy and information security departments are paying even more attention to the dangers that can easily arise as sensitive data are handed off to others outside their networks. With an enormous amount of data being harvested, processed, analyzed, reviewed, produced and stored, it is imperative that strong security controls exist at every step of the process to prevent unauthorized data access or inadvertent breaches. The Game Intensifies Keeping the ball away from the opposing team has always been a part of football, and data management, including information security, is not a new challenge for enterprise IT. Gartner recently weighed in on the data deluge problem. According to a 2011 report, enterprise data will continue to increase by more than 40 percent per year over the next five years. This data volume problem is compounded by the diversification of platforms and devices on which data are created and stored, and the number of vendors that enterprises now use to store and process data. For example, with the emergence of cloud computing, more organizations are managing and storing their data outside the corporate firewall. As a result, there may be less transparency and control of data security protocols and protections. Awareness is growing rapidly as businesses see the real risks that can result from the misappropriation of data. The problem of securing vast quantities of data across diverse storage locations is compounded by the threat of emerging data breaches. Highly publicized cybercrime activities exacerbate already heightened levels of concern. While these specific malicious activities tend to receive much of the media attention, most reported data breaches are the result of theft and unauthorized physical or computer-based access. 12 Peer to Peer