Posted on Apr 16, 2012 | Categories: Data Security|
Many Americans have spent the last few days frantically searching for receipts and other documentation to finish their taxes before Tuesday, April 17. No doubt some of those people thought they knew exactly where to find what they needed, and were dismayed to discover that their confidence -- as well as their data -- had been misplaced.
How about your confidence regarding your organization's sensitive data? As managers, are you aware of all of the transactions going in and out of the company network? Who is sending and pulling files, and why? What's the best way to manage all of these data exchanges? Isn't there a more user-friendly solution than prohibiting all FTP communications except from specified computers or user profiles?
Efficient workflow requires efficient data flow
No doubt data security is critical. So is the ability to exchange information to accomplish daily business goals. Almost every department needs to exchange files with trading partners, customers, vendors, remote employees, and more.
Here are just a few examples of data your company may be exchanging every day:
- Tax documents
- Annual, quarterly monthly reports to shareholders, investors, banks, financial partners
- Personnel reporting
- Art files to/from artists, printers, marketing partners
- Video and other content for web, publishers, printers
- PDF brochures, proposals, whitepapers to prospects, partners, customers
- Data files to/from system integration partners
- Database exchanges with business networks
- System updates
- EDI file transaction exchanges
- Update to HA and offsite systems
- Customer update documents
- Client reporting documents
- Receipt of supporting documents
- Supplier data exchange
- Customer data exchange
- Inventory reporting
Research & Development
- Product specifications to/from manufacturing partners
- Large CAD/engineering data to/from development partners
How do you control the data flow?
Educate your employees
Each organization has developed rules and codes of conduct to maintain productivity, positive morale, and customer confidence. Ideally, these policies are documented and part of employee training. It's imperative that the rules governing data management are also included in the documented policies, and all employees regardless of their roles need to demonstrate their understanding of the data management policies. Clear directives regarding management's expectations is the first line of defense against data breach.
Implement the appropriate technology solution
The right technology tools can also be a valuable part of the data control approach. Most data exchanges can be performed through secure email, FTP and network communications. A combined implementation of firewall and managed FTP solutions will help secure and distribute the resource requirements as appropriate for every department's needs.
Firewalls not only protect the company network from outside intruders, but can also help manage internal traffic. A managed file transfer (MFT) system allows specific types of transfers based on users' permissions or specified events so the inbound/outbound flow of data can be better managed and monitored. With an MFT system, audit logs are automatically kept of each data exchange, and files and emails can be encrypted and secured to ease worries that they might be sent to the wrong people.
The bottom line
Given the multitude of data files that need to be moved in and out of your organization, and the need to create efficient workflows that allow employees to do their jobs while maintaining strict vigilance about data security, few facets of your business are more important than controlling your data flow. Getting information in the right hands and keeping sensitive data shielded from non-authorized access is an ongoing challenge, but education and the right tools are the keys to success.