In my previous column, I described the protection challenges business owners have with their digital assets. Unfortunately, the issues are more encompassing thanjust the risk of stolen customer credit card data.
To get a handle on these threats to their business, owners must understand the breadth of company information that is digital: banking records, documents, spreadsheets, personnel records, domain names. Further, the owner must recognize the risk is not limited to the issue of theft of digital information. There is also the challenge of identifying where this information is located and whether the location is secure. Does electronic data resideon company servers, in an employee’s smart phone or is it floating around somewhere in the cloud? Added to this,is the problem of accessing this digital information. The information may exist, but it may become impossible to access, either because of hardware failure, lost usernames and passwordsor failure of the company maintaining the information. What steps can a business owner take to lessen the risk, mitigate the losses and otherwise offer some degree of peace of mind?
Get Help: When I bought my Apple II in the late 1970s, the buyer wasessentially expected to serve as installer, customer service rep and repairman. There were no stores, websites or geek squads available to handle problems. This is no longer the case. Thetechnical infrastructure supporting electronic information is well-developed. There are excellent resources, both human and digital, for designing a digital asset protection plan. Just as a business utilizes specialists to help design a disaster recovery plan for its physical plant, so too should a business consider employing outside expertise to create a digital asset protection plan.
Make an Inventory:Can you identify all the information you have that’s digital, both business and personal? And do you know where it is stored? Is the information on the premises, in the cloud, on employee’s personal electronic devise?It is so commonplace to have employees own their own digital devises that, rather than fighting the trend, firms are designing asset protection plans around BYOD (bring your own device). It is important to know what devices employees use and what information can be stored in those devises. An inventory must also include where and how this information is backed up. And, most importantly, you need to know how this information can be accessed.Are user names and passwords recorded somewhere that is both safe and accessible?
Clean it Up: The inventory is likely to expose weaknesses in your digital asset protection plans. For example, you may find that key data is not being backed up on a consistent basis. This offers an opportunity to store data both on secure tangible media and offsite in the cloud. In other cases, you may find that your company’s information is copied and backed-up in multiple and unregulated media, unnecessarily exposing that information to theft or misuse. This is your chance to reign in the data.
Give and Get Permission: My previous column pointed out that federal law can make people unwitting felons when they use someone else’s user name and password. While it remains difficult to ameliorate this legal purgatory, some form of written permission is better than no documentation at all. Further, in some cases, there is an opportunity to specify disposition of a digital account according to the provider’s instructions. Google, for example, recently created the Inactive Account Manager which allows users to control what happens to emails, photos and other documents stored on certain Google sites. Law Professor Gerry Beyer of Texas Tech University offers a number of legal steps that may help protect digital assets, particularly in an estate planning context. It may be possible to authorize an agent to access digital assets, or the assets can be placed in a trust. If the digital assets are of a personal nature, it may also be appropriate to include specific instructions in a will.
Use Online Protection Services:Why not use software to protect what your software generates? There is an active industry of online tools designed to protect and handle digital assets. Some are online password managers such as LastPass and PasswordBox. Others, such as Estate++ and If I Die, seek to store information about digital assets and even send emails about those assets should the owner die. They can serve as a virtual safety deposit box and send out notes to pre-designated recipients at death.
Digital asset protection is a process that lags behind technology both in terms of law and industry standards. While IT gurus can cook up creative ways to store and protect electronic information, it’s painfully obvious that they are sometimes designing systems and standards on the fly. This makes it all the more important to oversee the creation of a digital asset plan for both your business and family, review it frequently, and modify it as time and technology moves on.
In my previous column, I described the safety challenges enterprise homeowners have with their digital property. Unfortunately, the problems are extra encompassing thanjust the chance of stolen buyer bank card knowledge.
To get a deal with on these threats to their enterprise, homeowners should perceive the breadth of firm data that’s digital: banking data, paperwork, spreadsheets, personnel data, domains. Further, the proprietor should acknowledge the chance will not be restricted to the difficulty of theft of digital data. There can be the problem of figuring out the place this data is positioned and whether or not the placement is safe. Does digital information resideon firm servers, in an worker’s good telephone or is it floating round someplace within the cloud? Added to this,is the issue of accessing this digital data. The data could exist, however it might grow to be inconceivable to entry, both due to hardware failure, misplaced usernames and passwordsor failure of the corporate sustaining the knowledge. What steps can a enterprise proprietor take to minimize the chance, mitigate the losses and in any other case provide a point of peace of thoughts?
Get Help: When I purchased my Apple II within the late Nineteen Seventies, the customer wasessentially anticipated to function installer, customer support rep and repairman. There had been no shops, web sites or geek squads obtainable to deal with issues. This is not the case. Thetechnical infrastructure supporting digital info is nicely-developed. There are wonderful sources, each human and digital, for designing a digital asset safety plan. Just as a enterprise makes use of specialists to assist design a catastrophe restoration plan for its bodily plant, so too ought to a enterprise think about using outdoors experience to create a digital asset safety plan.
Make an Inventory:Can you determine all the data you may have that’s digital, each enterprise and private? And have you learnt the place it’s saved? Is the knowledge on the premises, within the cloud, on worker’s private digital devise?It is so commonplace to have staff personal their very own digital devises that, moderately than preventing the pattern, companies are designing asset safety plans round BYOD (deliver your personal gadget). It is essential to know what gadgets staff use and what data will be saved in these devises. An stock should additionally embrace the place and the way this info is backed up. And, most significantly, that you must understand how this info could be accessed.Are consumer names and passwords recorded someplace that’s each protected and accessible?
Clean it Up: The stock is prone to expose weaknesses in your digital asset safety plans. For instance, you could discover that key knowledge isn’t being backed up on a constant foundation. This affords a possibility to retailer information each on safe tangible media and offsite within the cloud. In different circumstances, chances are you’ll discover that your organization’s info is copied and backed-up in a number of and unregulated media, unnecessarily exposing that data to theft or misuse. This is your probability to reign within the knowledge.
Give and Get Permission: My earlier column identified that federal legislation could make individuals unwitting felons once they use another person’s consumer identify and password. While it stays troublesome to ameliorate this authorized purgatory, some type of written permission is healthier than no documentation in any respect. Further, in some circumstances, there is a chance to specify disposition of a digital account in line with the supplier’s directions. Google, for instance, lately created the Inactive Account Manager which permits customers to manage what occurs to emails, pictures and different paperwork saved on sure Google websites. Law Professor Gerry Beyer of Texas Tech University affords various authorized steps which will assist shield digital property, notably in an property planning context. It could also be attainable to authorize an agent to entry digital property, or the property will be positioned in a belief. If the digital belongings are of a private nature, it could even be acceptable to incorporate particular directions in a will.
Use Online Protection Services:Why not use software program to guard what your software program generates? There is an energetic trade of on-line instruments designed to guard and deal with digital property. Some are on-line password managers reminiscent ofLastPass and PasswordBox. Others, corresponding to Estate++ and If I Die, search to retailer details about digital belongings and even ship emails about these property ought to the proprietor die. They can function a digital security deposit field and ship out notes to pre-designated recipients at dying.
Digital asset safety is a course of that lags behind know-how each when it comes to regulation and trade requirements. While IT gurus can cook dinner up artistic methods to retailer and defend digital info, it’s painfully apparent that they’re typically designing techniques and requirements on the fly. This makes it all of the extra vital to supervise the creation of a digital asset plan for each your enterprise and household, evaluate it steadily, and modify it as time and know-how strikes on.