Tuesday, March 27, 2007
What do the Leaders Do Differently
The IT Policy Compliance Group has published a useful research report describing best practices for decreasing the incidence of sensitive data loss. One particularly interesting feature of the report is their comparison of what makes leading firms (i.e., those with the fewest lost data incidents) unique. Specifically, the report shows that leading organizations are uniquely employing multiple IT controls to help protect sensitive data and monitoring and measuring controls and procedures to protect data once every four days. The report also shows that leading firms consider two types of non-core business data (IT security data and regulatory audit and reporting data) to be among their most sensitive data. Thus, the report provides not only good comparative data, but also guidance for improving existing practices, and should be considered recommended reading for any organization interested in reducing data loss.