As much as businesses and government entities today emphasize the importance of data protection, it's not exactly a strength.
For instance, look at the announcement of LegaLock's compliant transcription service. It indicates "government agencies...select convenience over compliance" by allowing transcriptionists to work with sensitive information on open equipment and networks. Then there are the observations that InformationWeek's Art Wittmann shared over the weekend.
Citing statistics from Privacy Rights Clearinghouse, he says:
A large number of breaches result from simple theft, and from either poorly devised or poorly implemented policies. For these sorts of breaches, tighter regulation typically isn't the answer, and technology is only part of the answer.
The rest of the answer lies in data protection policies. And according to a new InformationWeek Analytics report, Wittmann says, the policies companies do have leave much to be desired. More than half of the respondents don't have encryption on mobile devices, and many of them apply the same data protection policies to all users, regardless of role or responsibility.
"What's easy and cheap for you [is] not what's in the best interest of the business and its customers," he says.
That, obviously, needs to change.