Now that the European Union’s GDPR regulations are in place, many companies are starting to think about data security more heavily than ever. But even if your business doesn’t have any clients in the EU, data security is still a major concern. What happens if customer data leaks out of your network (or your doors)? How about private information about your employees, or sensitive information on vendor contracts?
The default solution is to protect data like crazy – plenty of passwords, two-factor authentication, group policies, and similar suggestions. And all of these are important and good steps. But have you considered whether you really need all of the data you have?
To be sure, there’s plenty of data that’s valuable to have. But there’s also plenty of data that isn’t really useful to your business. In fact, you’d probably delete some of this information without a second thought if you were aware it was still lurking on your network. For instance, it’s a good idea to keep billing information for current clients on file, but what value are you getting from the billing information of former clients who stopped doing business with you years ago?
Data that you don’t possess can’t be stolen. If you own data that doesn’t provide any benefit, but does present risks, it makes sense to just get rid of it. Here are a few types of data that might fit this category.
Personal Identity Information (PII) – Is there a legal need to keep data that’s easy to tie to an individual, such as a Social Security number, credit card number or medical information? If not, discarding it can reduce risk substantially.
Very Old Data – Some data loses value to your company as it ages. That doesn’t mean the risk of keeping the data also decreases. Old data takes up space, is often protected less well, and will cause discovery costs to spiral if you face a lawsuit. Companies should be selective about keeping very old data.
Unused Data – If nobody has accessed a specific tranche of data on your network in years, it’s likely to remain unused in future years, too. If there’s not a compelling legal or business reason to retain the data, it’s probably worth discarding.
To learn how WingSwept can help your company reduce risk and improve business outcomes through the use of technology, call us at 919-779-0954 or email us at Team_WingSwept@WingSwept.com.