|
|
|
Janco Identifies Five Infrastructure Shortfalls that Impact Security
Focus of CIOs and CSOs |
|
Everyone talks about security, but there continue to be an ever 
increasing number of security and data breaches that occur. Janco has reviewed over 100 instances of security and data breaches and found a number of core factors why these continue to occur. They are:
-
Data volumes and velocity of change are increasing at an exponential rate - In many enterprises data is dispersed, disorganized, and so voluminous that classifying it comprehensively and implementing standard security standards is resource-intense and one that most IT departments are not staffed to do.
-
Information Technology (IT) Departments are reactive not proactive - IT departments are reluctant to invest their increasingly stretched resources in deploying another complex enterprise level infrastructure at the expense of delivering strategic value to the organization. IT departments tend to respond to problems after the fact versus identifying solutions before a problem occurs.
-
User do not want to change or add processes - There is a wariness about deploying yet another set of rules and tasks to follow on each Smartphone, desktop, and laptop that might interfere with doing the users job by adding procedures, hogging processor cycles, requiring frequent updates, and slowing down the user as they try to do their jobs.
-
Complexity of security compliance - Devising and implementing a comprehensive, viable security policy may get in the way of traditional business practices, requiring the involvement of not just IT but also human resources, finance and legal teams, and business unit managers.
-
Addressing 20% of the problem versus the 80% - Many enterprises focus on intentional data leakage, when in reality most data leakage occurs when there is a lapse and simple proactive steps like enciphering sensitive files on laptops and seeing that only those individuals that need sensitive information have it could have prevented the problem in the first place.
Read on.... |
|
| |
|
|
In This Issue |
|
Shortfalls that Impact Security |
|
Record Management |
|
Security Audit Program |
|
|
|
Record Management Retention and Disposition Policy |
|
Template comes in MS WORD format and is easily modified to meet the needs of enterprises of all sizes. It comes with a dozen forms which can be used immediately to create a record retention and disposition schedule.
Download Sample.... |
|
|
|
Security Audit Program |
|
The audit program is one that either an external auditor, internal auditor can use to validate the compliance of the Information Technology and the enterprise to the ISO 27000 Series (ISO27001 and ISO27002), Sarbanes-Oxley, HIPAA, and PCI-DSS.
Read on... |
|
|
Join
Email List
