You learn from the media that a memory stick containing
personal data has been left on the 8.10 train out of Birmingham.
The police are involved and the data relates to customers and
employees of your company. What are the consequences? How will the
business be hit? Who will lose their job? And will the reputation
of the business be affected, impacting customers and a large
proportion of the workforce?
Information has real business value. The challenge is that the
commercial value of information assets does not appear on the
balance sheet and therefore is not always secured and
protected.
However, we all know how costly the mismanagement of information
can be if tapes, discs, CDs or other memory devices are lost, or
inappropriate or unauthorised access to data occurs. The impact on
the brand, cost of remediation, the possibility of
regulatory and/or legal fines, a downturn in equities, negative
PR and loss of business are all metrics that underline the high
cost of not recognising the value of securing information
assets.
Security will be an ever-increasing issue as more data is
managed by outsourcers, in the
cloud and
offshore. Information governance must be addressed by the
owners of the information, not simply left to contracted
partners.
Virtualisation will also raise issues around how information is
being managed. Knowing where the data resides, how it is being
accessed, updated, migrated or moved will be a management
requirement.
As a result, information managers and CIOs will have to consider
security and data protection options covering all data
repositories, from the laptop, PDA or mobile phone through to the
datacentre. They will have to deliver systems that keep information
continuously available while being secure from hackers or data
loss. Information governance involves everyone; it has business
value and spans every organisation.
Hamish Macarthur is founder and CEO ofMacarthur Stroud
International,