siliconindia | | March 20189Law and IT Minister Shri Ravishankar Prasad has reiterat-ed the Central Govt's commitment to ensure a robust data protection regime, in addition to creating a safe and secure cyber space. The Govt appointed committee of experts under the Chairmanship of former Supreme Court Justice B.N Srikrishna recently released a white paper as part of its work to prepare a data protection framework.So how do businesses approach the task? For every company seeking to protect its data, there are three aspects namely, assessment, prevention and detection that should be given utmost priority. Assessment is crucialOver the years, organizations have had a silo approach, with different departments using their own applications and processes. Similarly, some employees may, over time, circumvent rules and policies in ways that make sense to them, but which undermine data protection and compli-ance. Organizations need to be first clear about their prob-lem positions in order to solve the same.Preventing unauthorized accessKnowing where their data resides and how it is used, or-ganizations will be able to set rules and implement a robust environment to prevent unauthorized access. This includes Organizations should ensure that its processes, training, and culture, are extremely focused on recognizing and respecting the value of its dataprotecting against threats inside and outside the organization, whether accidental or malicious. Encryption, tokenization, data masking, anonymization and robust access controls are highly effective tools to prevent anybody outside the organi-zation, or anybody without privileged access, from using sensitive data. . Businesses should practically be reviewing their data as this will help them understand what controls are best suited to each circumstance. For example, anonymizing customer data may have little impact in its usefulness for ana-lyzing sales trends but does dramatically reduce the sensitiv-ity of that data. In short, businesses should focus more on understanding where their data is stored and then figure out the best means to defend it. Timely Detection is KeyVigilance takes centre stage in best practices for security. Au-tomation can play a significant role in identifying anomalous behavior and implementing defensive measures, based on established threat criteria. Systems need to be able to make smart assessments of who is accessing information, as well as when and why, and base responses on pre-agreed threat criteria, such as locking out a user before they are able to ac-cess, move or use sensitive data. Laws and regulations such as GDPR are created just to provide guidelines for companies to protect their data but businesses should not wait for regula-tory encouragement to treat their data as precious. To succeed in a data-driven economy, it's time for busi-nesses to fall in love with their data and protect it at all costs. If they do, they will have the confidence and capability to re-ally explore the full value of their data. Because compliance is the starting point for digital success, not an end in its own right. In a data-driven economy, compliance is a necessity, but it is not a differentiator. How businesses use their data to unlock valuable insights, design new business models and better tailor services to their customers will be what sets them apart and what makes them love their data even more.
< Page 8 | Page 10 >