{"id":1326,"date":"2020-01-09T01:00:00","date_gmt":"2020-01-09T01:00:00","guid":{"rendered":"http:\/\/inswwdev.azurewebsites.net\/au\/insights\/uncategorized\/an-approach-towards-information-security\/"},"modified":"2020-01-09T01:00:00","modified_gmt":"2020-01-09T01:00:00","slug":"an-approach-towards-information-security","status":"publish","type":"post","link":"https:\/\/www.insentragroup.com\/us\/insights\/geek-speak\/modern-workplace\/an-approach-towards-information-security\/","title":{"rendered":"An Approach towards Information Security"},"content":{"rendered":"

Investment is a word mostly correlated with finance or assets, but there are various other avenues we venture into each day, like investment of time, knowledge etc. The most important assets of any organization are these investments captured in the form of data, which leads to an important question, \u201dHow do we secure our data?\u201d<\/p>\n

My vision on security starts with home. We want our house to be safe and ensure that our family is secure in all circumstances. However, we also place a lot of importance on convenience and always consider the risk \u2013 benefit ratio before implementing any form of home security. At Insentra we operate like one big family and have a similar outlook on the Information Security landscape.<\/p>\n

Our recommendation is a gradual approach where we start with an assessment and gradually work towards expanding the security strategy to an extent where the risk – benefit ratio is maintained. It starts with identifying potential risks – this could involve known as well as known \u2013 unknown factors – triggered by either an intentional malicious action or an innocuous accident. The next step is to quantify the potential impact of each risk and evaluate appropriate risk mitigation measures. Our Architect-as-a-Service (MapOne) offering is a great example of our delivery approach and you can read more about it here \u2013 MapOne Part 1 & MapOne Part 2.<\/p>\n

We have seen organizations resort to drastic measures like blocking various forms of access. I\u2019m afraid there is no standard answer around the best approach and the only way we visualize this is through an evaluation of risks vs. benefits. Let\u2019s assume a data loss prevention scenario where an organization has blocked USB access for employees. The below factors may be considered:<\/p>\n

\u00b7 What is the impact of the risk, i.e. employees copying data on USB?<\/p>\n

\u00b7 What is the cost of productivity loss incurred by the organization as n number of employees cannot perform their job conveniently? The lack of convenience is likely to result in delays or the job not being done, which could mean a significant cost to the organization.<\/p>\n

\u00b7 Is the blocking rule limited to departments or people who handle confidential data? Do we really need to apply this restriction to the entire organization?<\/p>\n

\u00b7 Do we have alternative convenient solutions for secure file transfer?<\/p>\n

\u00b7 Have we applied this restriction gradually with employee education and communication?<\/p>\n

\u00b7 Is the potential cost of this risk higher than the potential cost of mitigation? If the answer is yes, we may certainly explore the mitigation strategy with an active effort to minimize the cost of mitigation.<\/p>\n

Organizations spend a fortune in procuring security solutions but a bad implementation could mean a bad risk – benefit ratio. It is imperative that we look at Information Security as an investment and ensure that it does not impact our larger interests. At Insentra we leverage a perfect blend of our organizational values and tremendous Information Security expertise to help organizations achieve the maximum ROI with their investments.<\/p>\n

Please feel free to reach out to us for a risk assessment.<\/p>\n","protected":false},"excerpt":{"rendered":"

Investment is a word mostly correlated with finance or assets, but there are various other avenues we venture into each day, like investment of time, knowledge etc. The most important assets of any organization are these investments captured in the form of data, which leads to an important question, \u201dHow do we secure our data?\u201d… Continue reading An Approach towards Information Security<\/span><\/a><\/p>\n","protected":false},"author":9,"featured_media":1327,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[19],"tags":[],"class_list":["post-1326","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-modern-workplace","entry"],"_links":{"self":[{"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/posts\/1326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/comments?post=1326"}],"version-history":[{"count":0,"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/posts\/1326\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/media\/1327"}],"wp:attachment":[{"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/media?parent=1326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/categories?post=1326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.insentragroup.com\/us\/wp-json\/wp\/v2\/tags?post=1326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}