Houston is famous for having no zoning regulations, and it leads to some pretty odd scenes. While there’s something to be said for freedom to do what you want with your land, it’s hard to look at a skyscraper right next to a single-family house and wonder if that’s really the best scenario for anyone. There are good reasons that no other major city has decided to pursue an anything-goes approach to land development.
The same goes for your company’s data. Increasingly, company data is migrating away from a central server into software-as-a-service platforms. There is a great reason for this – accounting, marketing, human resources and customer service departments all use different platforms because those platforms are far more efficient for that specific function. Each platform has different permissions for different employees. Data is collected and added to each system as needed to complete new job functions.
The problem with this is that, in most cases, there’s nobody who knows all the places where each piece of data is stored. An IT professional hasn’t evaluated all of these permission systems to make sure they’re configured correctly, and legal counsel hasn’t reviewed them for legal compliance. Worst of all, if one of these platforms experiences a breach, nobody immediately knows what company data is in jeopardy.
Your company’s data needs zoning regulations at least as much as a large city. HR systems tend to be limited to internal access. Your marketing platform obviously cannot be walled off to the outside world. Emails from the customer service department don’t have to follow the same privacy laws as emails to non-customers, especially if you do business in Europe or Canada (or soon, California). And your financial data, among the most sensitive in the company, shouldn’t be able to be reconstructed by using data from other systems.
If data is moving from platform to platform, and that migration is not being overseen by a privacy or technology expert, there’s a good chance you’re going to end up with sensitive data being made accessible to the outside world. If companies like Honda and Facebook manage to leave employee and customer data unsecured on the internet, the odds are high that millions of small companies without the security budget of these behemoths are doing the same.
Have you done an audit of the data in the software platforms used by each of your internal teams? Is sensitive HR data stored only in systems designed to support compliance with HR laws? Can the same be said of marketing and financial data? If not, this is a great opportunity to both lower your data exposure risk and educate your teams on the importance of data security.
To learn how WingSwept can help your company make better use of technology, call us at 919-460-7011 or email us at Team_WingSwept@WingSwept.com.