With big data comes big responsibility.
As more personal information passes through various servers, systems, and networks, the chance of encountering security breaches increases. Fatemah Khatibloo, a customer intelligence analyst with Forrester, serves everyone a reminder to practice data stewardship, or “…creating accountability for your firm’s data collection, management, and use practices…”
Khatibloo posits that even though large corporations that handle massive loads of data take certain security measures to protect their customer’s identities, there is still work to be done to enforce security on behalf of our customers. In the wake of recent news of successful hackings of various news organizations, the reality of security breaches can’t be ignored. Her solution?
Governance policies, training, and enforcement.
While we are by no means a company that handles big data like Fortune 500 companies do, we are still just as serious about how data is handled. As a company that frequently uses customer data for variable data printing, 1-to-1 messaging, and direct mail, we have created strict policies and procedures to ensure complete protection of our customer’s data.
Our goal is to limit the human interaction as much as possible. This protects us as well as our customers. All employees have passed extensive background checks and have signed non-disclosures, so you know that the data that passes through our hands won’t pass through the hands of others.
For data passed only through computer systems, we maintain strong industry standard security techniques:
• A sophisticated Firewall
• SSL (Secure Socket Layer) to encrypt confidential communications
• Monitoring our sites and computer systems and keeping a detailed log of all access. We regularly review this access and aggressively investigate improprieties.
• Mailing data is securely transferred from our servers to our mailing software, using user/password authentication.
With any confidential files transferred to our server, we take these steps to ensure absolute security:
1. SFTP (Secure File Transfer Protocol) that also uses SSL Protocol.
2. Once received, the file is moved to the working location using automated scripts and is removed from the upload folder.
3. Copies are removed from any local machines and disks are returned or destroyed.
4. The working directories are controlled by network security and permissions. They are not accessible by unauthorized personnel.
5. This security goes down to the individual folders. Once work on the file is completed the job is archived and backed-up. The working file is deleted.
6. Access to archives and back-ups are very limited and only a few select personnel have access.