In light of the recent WannaCry ransomware attack, it is important to consider how information governance can help an organization prepare for a ransomware attack.
The moment that we all dread can unfortunately happen at any time in today's work environment: You are sitting at your computer when suddenly, you are alerted that there has been a data breach or that your files are being held ransom.
Of course, now the questions begin and your entire organization must decide what to do next and how to effectively handle this breach. But what if you were properly prepared for just this scenario by executing a proactive information governance implementation?
That's the topic of today's blog post: how to prepare for a breach. If you look at nearly all the available data, it's clear that an organizational breach is more a question of "when" versus "if". With that in mind, we're going to focus on some best practices for information governance implementation to help mitigate the damage from a breach.
Know Where Your Data Lives
The key to any successful information governance implementation is knowing where all of your data lives, especially data of a particularly sensitive nature. This will require a dedicated effort and cooperation from every business unit within the organization.
Setting up a complete file plan and retention schedule is also of critical importance. Knowing when records need to be disposed of is as important as knowing where they are located. Redundant, Obsolete and Trivial (ROT) data can be a cause of legal and compliance issues if exposed during a breach.
Know Who Has Access
Restricting access altogether to certain repositories or libraries is an effective way to remove risk of an accidental breach. Additionally, the less people involved with sensitive data, the better. In the event of a leaked password, termination or other event, your organization will benefit from only a handful of users having access to sensitive data.
Setting up certain areas or certain types of records for sensitive data allows for just the right amount of sharing so as not to impact business workflows while maintaining data security during an information governance implementation.
Know How You're Going to Execute
Laying out all of these plans and getting buy-in from all the departments is a great first step, but now it's time to actually move beyond information governance implementation and on to execution. Often the first step is classification: classifying records based on their content. Here at RecordLion, we use both a semantic and text-based scanning engine to ensure proper classification while not relying on manual user classification.
From there, creating the rules to add to policies will allow your information governance program to run in an automated environment with minimal manual intervention. Of course, user training and best practice workshops are a crucial part of an overall cybersecurity program, but the nuts and bolts of the program should be automated due to the overwhelming amount of data processed on a daily basis.