Data security is a major concern for all CIOs. This has been addressed from access and identity controls through encrypting data in transmission through to securing data at rest, on disk or on tape.

The difference today is that threats are more sophisticated and business practices are more dependent on IT practices that span each organisation from individuals through to the data centre. The requirements for sound information governance include company practices, as well as financial reporting standards and legal issues, such as the Data Protection Act.

Penalties for poor practice can be significant, not only to the company, but also to the individuals concerned. Examples of the consequences of operational failures include fines, loss of confidence in the organisation and the brand, loss of standing with colleagues or loss of employment and, in the extreme case, corporate failure.

The link for this article located at TechWorld.com is no longer available.