Laptops and memory sticks don't generally strike fear into the heart of directors. They're just an ordinary tool of business, and most of us probably have too many of these little gadgets knocking around in our briefcases and on our desks. But when it comes to managing security and risk in your organisation, it's precisely these overlooked minutiae of daily life that you need to get a grip on.
As a starting point, you might want to consider these questions ...
- Can you trust your employees (do you even know all of them)? What about ex-employees, including those who left harbouring a grudge?
- Can you say with certainty who has access to what data in your organisation? Could you name the individuals with access to sensitive data?
- Who manages passwords and permissions in your organisation? Who holds this person or people accountable?
- How would you know if your IT department wasn't keeping up with the latest security updates to your systems?
- What's to stop employees (that includes you!) downloading company data onto memory sticks and other mobile devices? What would be the implications if such devices were lost or stolen?
- Do you know what your responsibilities under the Data Protection Act are? Can you say for certain whether your organisation - in all of its activities - is compliant?
- What would be the consequences to your business if the servers in your office were out of action for a day? How about 3 days?
You probably get the picture. As a director, you don’t need to understand encryption technology or the ins and outs of data backup. But you do need a firm grasp of what the risks are, the processes and policies you need to put in place to manage those risks.
To help, we have put together an interactive guide to data and systems security, featuring video interviews with a range of experts who focus on what board directors need to know.
Click here to read The Talking Guide to ... Keeping your business secure
This report was kindly supported by 
Comments