Cybersecurity Tip: Asset and Data Security Management
Updated: Nov 13, 2019
Departments are required to maintain a system to track internal assets. Data is considered a critical Department asset and should be managed in a similar manner. Departments should have internal controls in place at all levels of their organization to properly identify, segregate and secure (encrypt or locked storage) confidential or sensitive data separate from other operational data. Such data (including personal data, client data, system security data), left unsecured that resides on PCs, networks, servers, and mobile devices can be breached, resulting in financial damages and enabling hackers to breach systems. Managing data is not solely a technology issue, but requires awareness, training, security and controls for all employees handling data.