Apac
  • Home
  • CXO Insights
  • CIO Speaks
  • Whitepapers
  • Partner Conferences
  • News
  • Subscribe
  • About us
Apac

  • Agile

    Artificial Intelligence

    Augmented Reality

    Big Data

    Blockchain

    Business Intelligence

    Business Process Management

    CEM

    Cloud

    Collaboration

    CRM

    Cyber Security

    Data Center

    Digital Technology

    Disaster Recovery

    Document Management Systems

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Security

    ERP

    Gamification

    Geographical Information System

    HR Technology

    Internet of Things

    IT Services

    Mobility

    Networking

    Open Source

    PLM

    POS

    Project Management

    QA and Testing

    Risk Management

    SaaS Solutions

    Security

    Simulation

    Smart City

    Sports

    Startup

    Storage

    Unified Communication

    Virtualization

    Web Development

    Workflow

  • Automotive

    Aviation and Aerospace

    Banking

    Compliance

    Construction

    Contact Center

    E-Commerce

    Education

    Energy

    Engineering

    Field Service

    FinTech

    Fleet Management

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Managed Services

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Payments

    Pharma and Life Science

    Procurement

    Retail

    Sales and Marketing

    Telecom

    Travel and Hospitality

    Utilities

  • Amazon

    CISCO

    Corporate Finance

    Google

    HP

    IBM

    Intel

    IT Service Management

    Microsoft

    Oracle

    Red Hat

    Salesforce

    SAP

    VMware

Menu
    • Security
    • Agile
    • Automotive
    • CEM
    • Cyber Security
    • Data Center
    • FinTech
    • Security
    • SAP
    • Business Intelligence
    • Media and Entertainment
    • Oracle
    • Networking
    • Legal
    • Home
    • Security
    Editor's Pick (1 - 4 of 8)
    left
    Need and Importance of IT in the Shipping Industry

    Anjan Deb, GM-IT (CIO), The Great Eastern Shipping

    At the Crossroads of Sports and Technology

    Jerry Mcglynn, CIO, Specialized Bicycle Components

    Proliferative Innovation via Platform+Agile

    Dr. Steve Hodgkinson, CIO, Department of Health & Human Services in Melbourne, Australia

    Journey to the Cloud - Getting Things Straight

    Alex Konnaris, Group CIO, RMA Group

    Redefining the CIOs role

    David Kennedy, Group CIO, Transaction Services Group

    At the Pinnacle of Smart City Aspirations

    Peter Auhl, CIO, City of Adelaide

    Identifying the Ideal DMS

    Judi Flournoy, CIO, Kelley Drye & Warren LLP

    Transformational Change Challenging Information Technology Teams

    Dave Hudson, CIO, Veritiv Corporation

    right

    Enterprise Security - Keys to Enhance Data Security

    By Daniel CS Yeo C.I.P.M, Business Development Director, HaloData Infokom Sdn Bhd

    content-image

    Daniel CS Yeo C.I.P.M, Business Development Director, HaloData Infokom Sdn Bhd

    Trending technologies in these last decades’ enterprises were either busy chasing corporate numbers or intrigued with courting social status in social media that many have not been putting enough attention at the most crucial aspect of an enterprise, i.e. security.

    Enterprise Security consist of many aspects and within the Information Security context, Data Security could and would be the most important asset in an organization that many are still not treating them with utmost priority nor having enough knowledge on how to set up ‘defense’ parameters to safeguard enterprise data that could consist of financial, patents, trade secrets, clients, patients and personal information.

    With the emergence of disruptive technologies and the lack of training or knowledge on how to utilize them properly, enterprises are jeopardizing themselves in security breach, particularly their data.

    Whilst there are a lot of organizations that pride themselves in complying with or achieving the requirement of industrial standards in their area of expertise, many have overlooked safeguarding their data internally. Many are even ignorant to the fact that mismanaged and misused data may bring serious consequences to the organization, in the face of its reputation as well as the possibility of running into legal complications, such as breaching the Personal Data Protection Act.

    Hence, we shall look into some key areas that companies should consider in regards to securing their data as well as mitigating risks. Following are a few key highlights that we should look into: Data classification such as BYOD (Bring Your Own Device) policies and Data encryption, and Rights to access data.

    Data Classification

    Data classification has been one of the oldest forms of securing data in an organization. However, and surprisingly, general perception of data classification is less and is only known to government agencies and few private sectors such as insurance or banks that practices data classification in documenting their information.

    In day-to-day operations of an organization, as well as for argument sake we shall take small enterprise as an example. For instance, flow of data like financial and clients information could be channeled out without taking into consideration of its sensitiveness and significance. The sense of ownership of the data sent by sender could almost be zero!!

    “Data classification has been one of the oldest forms of securing data in an organization”

    Enterprises should take pro-active approach by enforcing data owner to classify their data, base on its sensitivity prior to releasing the information to recipients. Ownership must be enforced by companies to data owner.

    BYOD (Bring Your Own Device) Policies

    Competitiveness has driven businesses to be more cost conscious and some have taken steps as to allow employees to bring their own devices like laptop, pen drives and mobile phones to access to company’s data and information in the day-to-day work. Breaches, misused data, unintentional or intentional data loss/theft and infection of malicious malwares will occur if enterprises do not take proper mitigation steps.

    For the sake of cutting cost or increasing efficiency, enterprises may just incur the biggest loss instead of saving and the stake of brushing with the laws are very high. Hence, enterprises must formulize a proper BYOD policies like using only authorized devices (even though it is a BYOD device, enterprise must run proper check on employees’ devices and approve it prior letting the devices accessing to company’s information)

    Data Encryption

     Employees’ mobility is a common sight now-adays and so is data mobility. Information is vital to be communicated and in some instances, critical for decisions to be made, data need to be ‘transported’ from one point to another. It is during the transportation, be it digitally or physically, data breach could occur. Information could be hacked, stolen or lost in transition.

    Enterprise need to ensure that its data in transition is secure and contained before transporting it from point A to B, and best practice would be to encrypt the data.

    Rights to Access to Data

     Organizations should device a strict policy within its environment as to who have the rights to access to what kind of information. This sound like a no brainer but it is not surprising at all that there are enterprises that do not have mechanisms to monitor its data flow to its high level personnel.

    Enterprises should not be complacent and dependent on its high level staffs to safeguard its data. Policies must be implemented and technologies must be in place to avoid data theft as 70 percent of data theft/lost occurred from within the enterprise itself and the employees are the biggest culprit being responsible for this.

    Security concerns are not just confined to the above few and organizations must not be in denial to acknowledge that data security is a major component of an enterprise. Investment in security technologies is not sufficient, appropriate steps must be taken and employees must be trained to enable a unified approach to defend data security both using brain power and technological tools.

    HaloData Infokom Sdn Bhd, an Information Technology and Services firm, is a Singapore based enterprise. It offers services in 3 main areas such as Information Security, Enterprise Mobility and Business Continuity.

    25 Most Promising Enterprise Security Solutions Providers

    25 Most Promising Enterprise Security Solutions Providers

    Featured Vendors

    F5 Networks

    Mohan Veloo , Vice President

    Banff Cyber Technologies Pte Ltd

    Matthias Chin, CEO

    Security Special

    Copyright © 2018 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy.

    follow on linkedinfollow on twitter
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://security.apacciooutlook.com/cxoinsights/enterprise-security-keys-to-enhance-data-security-nwid-3872.html