The Most Overlooked Component of Data Security: Your Employees
- Posted by Geoffrey G. Gussis on April 27th, 2005
- Filed in IT/Software/Internet, Risk Management & Compliance
Miriam Wugmeister and Christine Lyon of Morrison & Foerster have published a great article on using your employees as a key element of your company’s data security practices. Here are some of the key points in their article:
"Data security practices in the private sector are under growing scrutiny by the Federal Trade Commission, state attorneys general, and other state and federal regulatory agencies, as evidenced by the fines imposed on companies such as Tower Records, Barnesandnoble.com, Microsoft, and Victoria’s Secret. According to a recent survey by PricewaterhouseCoopers, nearly half of the fastest growing companies in the United States have suffered a breach of data security in the past couple of years. California now requires companies to provide written notice to California residents who may be affected by certain data security breaches. Similar legislation has been proposed at the US federal level, and the new Japanese Data Protection law will have a similar obligation. The potential ramifications of a data security breach have never been greater, and will only continue to grow.
While focusing on the technological aspects of data protection, companies often neglect the most critical component of any data security program: their employees. A company’s investment in firewalls, encryption, password protections, and other security measures can be completely undermined, even accidentally, by a single employee. At the same time, employees can be one of the company’s best lines of defense against internal or external data security breaches. This article will analyze the real-world risks to the security of your data, and then describe how to create a data security program that capitalizes on your company’s investment in its employees, as well as in technical data safeguards."
Read the entire article here - and consider forwarding it to your CIO or MIS Department as well.
How To Respond To Data Breaches
Liability for Identity Theft - Time to Worry?
Potential Business Liability for Failure to Secure Consumer Data
Data Security: The Time Is Now
Notification Requirements for Data Security Breaches
May 1st, 2005 at 11:54 am
Data Security Protection Policies
Via Geoffrey Gussis, a MoFo article on data security protection policies. It’s a great article, and particularly relevant given recent high-profile unintended data disclosures, and recent and expected changes in the US legislative privacy and security…