Creating a Data Loss Incident Plan - Slide 2

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20
Next Data Loss Prevention Framework-2 Next

Data Loss Prevention Framework

To aid in the development of a data loss incident plan and help maximize business continuity, organizations are encouraged to self-audit their level of preparedness by surveying key management leaders and a representative sample of employees with the following questions:

  1. Do you know what sensitive information is maintained by your company, where it is stored and how it is kept secure? Do you have an accounting of all information stored including backups and archived data?
  2. Do you have an incident response team in place ready to respond 24/7?
  3. Are management teams aware of security, privacy and regulatory requirements related specifically to your business?
  4. Have you completed a privacy and security audit of all data collection activities including cloud and outsourced services?
  5. Are you prepared to communicate to customers, partners and stockholders?
  6. Do you have readily available access codes and credentials to critical systems in the event key staff are not available or are incapacitated?
  7. Are employees trained and prepared to notify management in the case of accidental data loss or a malicious attack? Are employees reluctant to report such incidents for fear of disciplinary action or termination?
  8. Have you coordinated with all necessary departments with respect to breach readiness?
  9. Do you have a privacy review and audit system in place for all data collection activities including that of third-party service providers? Have you taken necessary or reasonable steps to protect users? confidential data?
  10. Do you review the plan on a regular basis to reflect key changes? Do key staff members have hard copies of the plan readily accessible in their offices and homes?

The Online Trust Alliance (OTA) advocates that all businesses create an incident response plan and be prepared for the likelihood that they will experience a breach or data loss in the future. The fact is breaches happen and often at the worst of times. Rather than be lulled into the belief it will not happen to your business, a well-designed plan is emerging as an essential part of regulatory compliance, demonstrating that a firm or organization is willing to take reasonable steps to protect data from abuse. Doing so is good business. Developing a plan can help to minimize risk to consumers, business partners and stockholders, while increasing brand protection and the long-term viability of a business.

This slideshow highlights key questions and recommendations for businesses to consider while building a data loss incident plan.

More Slideshows:


10 Tips for Making Websites Stickier Develop an effective strategy to keep customers engaged.

The Mobile Work Force Today Mobile employees carry an average of 2.68 mobile devices, including laptops, smartphones and increasingly tablets.


10 New Smartphones for Business New smartphones for today's business user.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

IT security skills 7 Top Skills for Security Pros

Executives at several top tech firms outline the skills they need now and in the near future, including IaaS and IoT security expertise. Other skills listed may surprise you. ...  More >>

IT security careers The Most In-Demand Security Jobs and How to Get Them

Security professionals are in demand right now, and entry-level security jobs generally fall into either an engineer or analyst role. Find out more about required skills and career paths. ...  More >>

142x105itbeusasecurity2.jpg 9 Predictions for Cybersecurity’s Role in Government and Politics in 2017

Experts predict how cybersecurity will affect and involve our government, policies and politics in 2017. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.