Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comTips For Protecting Company Data
Author: Scarinci Hollenbeck, LLC|May 8, 2014
Tips For Protecting Company Data
If you are in charge of protecting your company and/or its customer’s data, it is important to confirm your data security program contains all the essential components to be successful. The Internet of Things (IoT) makes it easier to create, collect, process, and/or maintain data in a variety of ways, but the potential vulnerability points of entry are increasing in scope and frequency. Below are a few important tips to consider:
- Flexibility. Effective data security measures must be flexible to meet a company’s changing needs. This requires that you continually assess the business’ data security needs and the emerging threats. You must prioritize the various types of data that you collect and maintain, as well as evaluate liability if there is a breach and such data is lost, stolen, or otherwise compromised.
- Data governance. Your data security plan must provide for destroying data that is no longer needed. Reducing the amount of data you hold onto lowers your exposure. It has also become imperative to encrypt any personal data that must be stored on a mobile device. Loss of an unencrypted laptop can cost your company millions of dollars.
- Policies for employees and vendors. Every business must establish policies regarding maintaining confidential information for employees and third-party vendors. Additionally, you should conduct periodic audits to confirm compliance with the policies, including of third-party vendors who often escape scrutiny because they are often considered to be outside the scope of usual business operations.
- Certificate of Authority vulnerability. Certificates of Authority can be vulnerable because they are issued by third-parties and not all can be fully trusted. A Certificate of Authority could lead to all of your company’s communications being compromised. Companies must extend their data protection efforts beyond internal systems. Measures must be taken to protect employee mobile devices, the company’s web portal for employees and servers the company controls.
Finally, your company may wish to consider inquiring about obtaining additional insurance to cover data breaches.
If you have any questions about data breach liability or would like to discuss ways to improve your business’s protection and response strategy, please contact me, Fernando M. Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. Visit eWhiteHouseWatch (www.eWHWblog.com) to learn more about cyber security and data protection.
Key Contacts
Let`s get in touch!
Related Posts
NJ OAG Enforcement Action Highlights Cyber Risks for Real Estate and Financial Companies That Failed to Protect Against Identity Theft
Are QR Codes Convenient or Risky? What Your Business Needs to Know
What’s a Credential Stuffing Cyberattack and Is Your Business Vulnerable?
Year in Review: Top Cybersecurity Law Developments in 2021
Tips For Protecting Company Data
Author: Scarinci Hollenbeck, LLC
If you are in charge of protecting your company and/or its customer’s data, it is important to confirm your data security program contains all the essential components to be successful. The Internet of Things (IoT) makes it easier to create, collect, process, and/or maintain data in a variety of ways, but the potential vulnerability points of entry are increasing in scope and frequency. Below are a few important tips to consider:
- Flexibility. Effective data security measures must be flexible to meet a company’s changing needs. This requires that you continually assess the business’ data security needs and the emerging threats. You must prioritize the various types of data that you collect and maintain, as well as evaluate liability if there is a breach and such data is lost, stolen, or otherwise compromised.
- Data governance. Your data security plan must provide for destroying data that is no longer needed. Reducing the amount of data you hold onto lowers your exposure. It has also become imperative to encrypt any personal data that must be stored on a mobile device. Loss of an unencrypted laptop can cost your company millions of dollars.
- Policies for employees and vendors. Every business must establish policies regarding maintaining confidential information for employees and third-party vendors. Additionally, you should conduct periodic audits to confirm compliance with the policies, including of third-party vendors who often escape scrutiny because they are often considered to be outside the scope of usual business operations.
- Certificate of Authority vulnerability. Certificates of Authority can be vulnerable because they are issued by third-parties and not all can be fully trusted. A Certificate of Authority could lead to all of your company’s communications being compromised. Companies must extend their data protection efforts beyond internal systems. Measures must be taken to protect employee mobile devices, the company’s web portal for employees and servers the company controls.
Finally, your company may wish to consider inquiring about obtaining additional insurance to cover data breaches.
If you have any questions about data breach liability or would like to discuss ways to improve your business’s protection and response strategy, please contact me, Fernando M. Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. Visit eWhiteHouseWatch (www.eWHWblog.com) to learn more about cyber security and data protection.
