Case Study 1:

Data Security in an Unsecured World

The latest report by Boscom implies that the main threat to a company’s data comes from outside like hackers, industrial spies, and competitors. This report reveals a disturbing fact: nearly eighty-five percent of any company’s former employees have left their place of business with sensitive data – if not with actual documents. On the other hand, Snowden’s theft from the NSA was visible and newsworthy. The Boscom report shows how easy it is for employees to walk away with sensitive data.

From the above scenario, it is easy to understand why companies have difficulties maintaining data security, especially when the risks come from their very own employees. Employee access to data is vital not only for their work but to the company’s success in general.

Let’s look at this through a practical example relevant to our Business CRM industry: A Business CRM brokerage has several departments, each of which needs access to sensitive data to function adequately. From sales representatives to members of the marketing team (for instance, email marketers), various aspects of client information must be visible to different people through adequate software that ensures compartmentalization. Employees should protect the security of sensitive data – when compartmentalization cannot be stressed enough. It is the only way a brokerage can prevent information from potential threats without compromising productivity.

The two most important tools at a brokerage’s disposal are a good CRM and good encryption level data security. The former allows management to determine who is privy to what data and the latter prevents unauthorized persons from accessing information via non-company computers hackers. Another benefit of good encryption data security is that it prevents rogue employees from sending confidential data, as it is useless without the proper decryption, which they do not have.

To best implement these countermeasures, it is crucial to first decide on a data security policy by all possible means. In addition to the technical measures employed, management must also clearly define the internal rules and regulations, such as the prohibition of USB drives on company property, the security of logging on with a different employee’s username, and more. Although this seems like stating the obvious, nothing is obvious when it comes to securing your data.

According to the latest findings, Edward Snowden of NSA made it clear that data vulnerability is pretty much visible. In the context of the Business CRM industry, adequate countermeasures significantly decrease a company’s vulnerabilities. With Snowden in mind, one must also keep in mind that people like him stealing information and their resources: national intelligence agencies have more resources than a competing business, and their operatives are willing to take risks to get information. People like Snowden steal information for ideological reasons. On the other hand, business intelligence steals information for money and profits. Therefore, the countermeasures needed to deter theft in the private sector are also more affordable and accessible.

We live in a world where our data is constantly and continuously at risk. However, there are also many technological solutions and standard operating procedures that significantly reduce this risk. Always be vigilant about the potential threats. Even remember these threats, significant as they may be, are also manageable and that maintaining data security does not need to come at the expense of productivity and profits.