Organizations consider that if
they have implemented strict controls, policies or procedures, they are secure.
But they, fail to understand that one simple question, “what to secure and from
whom?”
This is a very common practice to
have this type of mind set because when a security has to be implied to prevent
a information from getting leaked out from an organization, then I don’t think,
any stringency would be of any help in doing this. The reason is very simple,
“Are we feeling the every possible gap within the organization?”
The answer to this question will
be “No” every time because it is not possible to close all the gaps because, we
are not aware of all the gaps. We are putting our thinking on what is visible
but there would be many things, which are not visible. So is an organization
safe?
Due to an increase in the
pressure of getting organizations comply on various standards; we have shifted
our thinking to the real problem of limiting data theft. The biggest threat
prevailing in this area is on the human mind , acting a vital role in data
leakage. The behavior of a non satisfied employee is always uncertain and there
is no policy to govern the mind.
It is and was never possible to
control over a human mind and there will be always a non-compliance in this
aspect, then “what are we preventing and from whom?”, this is the reason, why
we always emphasize on awareness. It is very important to minimize the internal
threat against external. Till today, people working in an organization, are
considered to be the biggest threat against the external entities.
For me, having policies, procedures
and controls are just good to have for an organization, to say “ I have
security implemented” but when you look at the granular level then you will
realize the purpose of having all these is never achieved. One talking to limit
the data theft is impossible, if it is not implemented at the level where
humans dealing with the data, take the responsibility of its security. I don’t believe,
any technology can go above the intelligence of human brain. This is the only
weapon which can cause and prevent the damage from getting worse.
No comments:
Post a Comment