Data security doesn’t happen by accident. In a large organization, it comes from the combined efforts of a number of people within the organization working together to discover and address security vulnerabilities. The title of this post is obviously a play on the late Stephen Covey’s book, The Seven Habits of Highly Effective People, and its subheads are borrowed directly from the book. But while the original book was about personal development, what follows is a brief exploration of how those seven habits apply to data security in large organizations.
Habit 1: Be Proactive
Building a secure system requires many proactive behaviors. Organizations must map out and take the steps to secure their systems against all the traditional threats to data security, such as weak. They must also be on the lookout for and defend against emerging threats, like DDoS extortion attempts and social engineering attacks. Taking steps to address emerging threats to data security before they become an issue for your organization will mean you’ll be ready for the attacks when they come.
Habit 2: Begin with the End in Mind
The end game of any data security strategy is to prevent control and access to sensitive data and systems from falling into the wrong hands…or, really, any hands other than those with proper authorization. To achieve that end, it is often helpful to work backwards, learning from security breaches at other companies and finding ways to harden your own defenses so you don’t fall victim to the same kinds of attacks. By learning from the mistakes of others, you can reduce the chances that your organization will have to deal with a similar costly and embarrassing data breach.
Habit 3: Put First Things First
Habit three, put first things first, is all about making sure the fundamentals of data security are in place. These fundamentals include access control, backup management, and encryption. Access controls include things like password reset solutions, multi-factor authentication, and identity management. A backup system is essential for preventing data loss and making it possible to recover from a system failure or other such breach.
Habit 4: Think Win-Win
A mainframe has to be secure, but not at the expense of usability. The mainframe is an expensive piece of hardware, but its value comes from the tasks it is able to perform for the organization. That means that employees and departments must be able to access their data, run their applications, and use it to advance the mission of the organization. Mainframe security systems that are too onerous discourage employees from coming up with innovative ways to leverage the power of the mainframe to solve business problems.
Habit 5: Seek First to Understand, Then to be Understood
Data security is a complex field, and in large organizations, the complexities are multiplied over the scope of the business and the number of employees that have to have access to the systems. Understanding the needs of the various parts of the business that access the mainframe will help determine the most effective ways to keep the data on it secure.
Download our white paper, Big Data, Big Security: Best Practices for Enterprise Data Encryption for more information on securing your company’s data.
Habit 6: Synergize
Ensuring the data security for an organization is no one person’s job. Many departments and teams have to work together to make it happen. Data security comes about through a combination of policy and technology. To make a highly secure organization, there must exist a culture of security across all levels of the organization.
Habit 7: Sharpen the Saw
If you’re looking to create a more secure organization, it is not possible to act as if your work is done. It’s not. You and your organization must constantly be on the lookout for new threats and while still figuring out ways to prevent your organization from falling victim to traditional threats.
There is a cultural and policy aspect to data security, but ultimately, it comes down to technology. Check out ASPG’s extensive suite of data security programs today.