• Office of the Comptroller

Cybersecurity Tip: Asset and Data Security Management

Updated: Nov 13, 2019

Departments are required to maintain a system to track internal assets. Data is considered a critical Department asset and should be managed in a similar manner. Departments should have internal controls in place at all levels of their organization to properly identify, segregate and secure (encrypt or locked storage) confidential or sensitive data separate from other operational data. Such data (including personal data, client data, system security data), left unsecured that resides on PCs, networks, servers, and mobile devices can be breached, resulting in financial damages and enabling hackers to breach systems. Managing data is not solely a technology issue, but requires awareness, training, security and controls for all employees handling data. 

25 views1 comment

Recent Posts

See All