Wednesday, 13 January 2010

Email data: How safe is yours and who is looking after it?

Data theft or data loss. One of those things that we all pray doesn’t happy to us as when it does it makes us headlines stars for a week or two and seriously dents our employers bottom line and our long term career goals!

Give that data theft is a huge risk, it’s amazing how many business do not give a second thought to this elephant in the board room, or arm themselves to ensure one of their biggest assets is well marshalled.

The shift to towards cloud computing has many, many benefits and I for one am a big fan. But it does leave us with a few important questions in terms of how we manage our data securely, whoever it is that is entrusted with it and wherever it may sit.

But the cloud is not the only place we should be looking to – how about the various suppliers you have that look after your data?

Surely top of the list must be your Email Service Provider (ESP)

Any company that uses an ESP is allowing their data out of the building and to be hosted by a third party. Meaning your valuable email data is as safe and secure as that ESPs own security policies.

Add into the mix the sheer number of employees in your business that might have access to the email platform to send email (and help themselves to your data) and this surely is something that should be given more consideration?

It’s with this in mind that reading about the imminent launch of the DMA Data Seal gives us reason to insist on an accreditation scheme to be sure that our third-party supplier has the safety of our data at heart.

Some advice then.

Look into your data and where it is hosted right now. Ask your ESP, or any other company who looks after your data, how they ensure it is safe and what, if any, procedures do they have for monitoring – a good ESP will be able to offer you email seeding for example, so you can be sure exactly who is sending to your lists – especially useful (alas) in the current times of redundancies and the disgruntled ex employee who decides to “help themselves” before they leave.

Ensure that your ESP signs up the DMA data seal or has an equivalent pedigree – ISO27001 for example.

Small steps that will keep your data safe, ensure you minimise the risk of becoming headline news for all the wrong reason and leave you one thing less to worry about.

No comments:

Post a Comment