Monday, March 9, 2015

Enterprise Data Security

Recently, along with millions of others, I received a notice about a data breach at Anthem.  I did not have a relationship with Anthem, but I had worked with an affiliated Blue Cross Blue Shield organization.  I was notified that my name, birthdate, social security number, home address, email address and even my income history, may be for sale on the world wide web.

This made me wonder what big companies can do to prevent attacks like this.  I assume that they all spend millions a year on data security, but issues remain on how best to fight off the threat.  Here are a few ways they can protect themselves:

Companies need a strong data security policy in place, and they need to make sure all employees read and understand it. With BYOD today, your own employees become your biggest risk.

Find your vulnerabilities before the enemy does. Leverage corporate wide security solutions, starting with email, web, and wireless security.

Be careful not to get over zealous and make it difficult for employees to access import data that they need to do their jobs.  Some security measures, meant to protect data from outsiders, actually puts limitations on employees.

The CEO also needs to be on board with the data security policy.  Gartner states that companies spend between 6 and 7 percent on data security.  This makes it a big budget item, but companies need to spend this money wisely.  The best defense is a good offense, which means that companies must constantly be evolving in the their strategies to fight off the hackers of the world.

To their credit, Anthem did provide consumers with a number of options to protect themselves from potential identity theft.