 "Data Security Hinges On How Employees Manage Data")
Satish Warrier, Chief Information Security Officer, Godrej Industries, in conversation with Biztech2.com talks about the importance of creating awareness among employees to prevent loss of confidential data.
What is the biggest concern for CISOs?
CSOs have to constantly work towards ensuring a ‘secured state’ in an organisation. Data privacy and security is a wide term and there are multiple challenges that security personnel have to face. I believe the biggest concern is constantly ensuring that data is always available to the authorised personnel and yet, denied to the rest of them.
What best practices do you recommend for CISOs to ensure data security?
According to me, people play a very important role, and the extent of data security in an organisation hinges on how they manage data. So creating adequate awareness amongst the employees is the key. This should be supplemented with proper processes and technology. I strongly believe that just having technologies in place is not enough. Employees should be trained and awareness must be created about the perils of not following security policies. Otherwise it just negates the entire exercise.
What are the different technologies available to safeguard against the new age threats?
There are several ways by which data can be shared, deleted, stolen or lost. With the advent of new computing devices, confidential and sensitive data exists almost everywhere. While there are several technologies available in the market, encryption, tracking, remote wipe, etc., in addition to a suitable DLP solution, would minimise the risk to a great extent.
With enterprises increasingly going social, what challenges does it throw up, and how can these be addressed?
With the emerging social networking culture, it is a great challenge to ensure that there is no leakage of sensitive and confidential information. It has been observed that most data leakages happen inadvertently, due to negligence or lack of awareness. So investing in awareness training sessions and campaigns on a regular basis is the key.
With data explosion in enterprises, do you think an incomplete understanding of where, and what types of sensitive data exists across the enterprise is increasingly becoming a key issue for the CIOs?
Despite data explosion and a proliferation of devices owing to BYOD policies, CIOs do have a fair idea of where the data lies. However, it is a challenging task to keep an accurate track of data in motion. For example, I will send out an email to a legitimate person. I know the impact of sending that information to him. However, I have no control over whom he forwards that email to. I cannot track that.
This is where Rights Management Software (RMS) can help. It can control flow of data and ensure that data is not printed, copied or forwarded. This is something we have implemented and it has helped us in our endeavour to secure data.
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
