Joe Shepley discusses the key role that information management plays in cybersecurity. Organizations may have very robust cybersecurity software and systems, but data theft is something that can be managed only with proper information management processes. Data theft is what happens when a bad actor — either internal or external — enters the network and takes control of a device or devices in order to steal or compromise data (e.g., through encryption).
An effective information management program helps organizations keep the data they need (i.e., data with legal or operational use) and purge the data they don’t (i.e., data that’s past its legal or operational life). Effective information management reduces the information footprint of an organization, which means less data for bad actors to steal. It also means that an organization’s limited resources can focus on protecting a smaller set of relevant data.
Shepley proposes the following steps to ensure proper data retention:
- Data map – Determine what data we have, where data is and who owns it.
- Policy infrastructure – Put policies in place to manage information throughout its lifecycle (including data that’s been orphaned or abandoned).
- Content assessment – Scan content to determine what is junk, stale and sensitive, as well as whether the security and access for this content are appropriate.
- Remediation and cleanup – Based on policy and the results of the content assessment, purge junk/stale content and remediate inappropriate security and access.
- Monitoring and prevention – Scan the environment on an ongoing basis to identify both non-compliant activity (e.g., mishandled PHI) and growth of stale/junk data, and take action to address both.
I am glad to see that all these activities are covered in my records and information class.