Updated: Jul 12, 2020
We live in the world of information (Data and Records Etc.) where it was treated as the foremost asset of any organization. There are innumerable factors that can act as a potential threat to the significant information of the organisation. Hence,the protection of the information in a way that is effective, efficient and trustworthy should be the fundamental goal of the information management strategy of an organisation.
Editor : Mariyam Zaidi | Contributor : Olaris
The confidentiality, integrity and availability of the information is very crucial in today's world. Natural disasters, computer or server malfunction and physical theft are some of the factors that hinders the process of information management . Hence, identification of vulnerabilities and threats to information resources is something that an organisation cannot ignore.
But, even after utmost care and diligence, information is exposed to internal and external threat that are sometimes unavoidable. So, if a security incident does occur, organisation must try to reduce the negative impact of the incident.
Information (Data and Records) Safety and Security Threats
Are your computer records and files backed up regularly? Does your current storage methods comply with the privacy laws of your country?
Are your paper and electronic records protected from fire, flood, natural disaster, theft, tampering, hacking, etc.? Do you have control over the inadvertent use of obsolete information?
Records/documents with trade secrets or personal information are vulnerable both internally (from employees) and externally in terms of theft, tempering, and computer hacking.
These are common safety and security issues in information management. But how safe are your information from these issues?
Where Do We Start?
Compare your current system with the following information safety and security insights;
Digitizing paper is an important step to protecting paper records/documents from damage from disasters. When paper records are imaged onto electronic media that are dispersed, it minimizes loss from unforeseen events at a central location.
Use of lock-in cabinets for paper record/document. Set up security devices such as CCTV, and alarm security systems where applicable.
Computer security should utilize software from a reputable vendor that includes a firewall, antivirus, antispyware, malware, and adware detection with automatic update features.
Big organization, could utilize security experts to test their network or run security software that will aid in closing known vulnerabilities.
Information Security Awareness training for employees is a big solution to mitigating threats to a large degree. E,g. education on good cyber security practices to avoid having malware installed on their computer system.
Protect computer records with proper file encryption and password protocols that use advanced authentication techniques for user login.