Miriam Wugmeister and Christine Lyon of Morrison & Foerster have published a great article on using your employees as a key element of your company’s data security practices. Here are some of the key points in their article:
security practices in the private sector are under growing scrutiny by
the Federal Trade Commission, state attorneys general, and other state
and federal regulatory agencies, as evidenced by the fines imposed on
companies such as Tower Records, Barnesandnoble.com, Microsoft, and
Victoria’s Secret. According to a recent survey by
PricewaterhouseCoopers, nearly half of the fastest growing companies in the United States have suffered a breach of data security in the past couple of years. California now requires companies to provide written notice to
California residents who may be affected by certain data security
breaches. Similar legislation has been proposed at the US federal
level, and the new Japanese Data Protection law will have a similar
obligation. The potential ramifications of a data security breach have
never been greater, and will only continue to grow.
focusing on the technological aspects of data protection, companies
often neglect the most critical component of any data security program:
their employees. A company’s investment in firewalls, encryption,
password protections, and other security measures can be completely
undermined, even accidentally, by a single employee. At the same time,
employees can be one of the company’s best lines of defense against
internal or external data security breaches. This article will analyze
the real-world risks to the security of your data, and then describe
how to create a data security program that capitalizes on your
company’s investment in its employees, as well as in technical data
Read the entire article here – and consider forwarding it to your CIO or MIS Department as well.
-> Click to subscribe to InhouseBlog's FREE Weekly Newsletter featuring in-house counsel news and jobs.