When it comes to instituting a security protocol at your business—be it a Fortune 500 company or a three-man shop—you have to establish expectations and trust your employees to do the right thing. If you can’t trust them, it’s time to find some new people.
Security is a journey, not a destination, and it begins with education. Employers need to show their staff why security is important and what good security looks like. Then they need to trust workers to adopt and implement best practices and regularly monitor the results.
Sure, there are technical elements that must be in place, but beyond that security is a mindset. Privacy by Design, an approach that calls on companies to build privacy into their infrastructures, is good for both businesses and consumers. The FTC and many big Internet firms are behind this philosophy, which is also an attitude, a management style. You, as a business leader, need to model this style, this behavior, for your employees, your peers, your executive management and your clients. It’s about showing people what exactly is the right thing to do—even when no one is looking!
On this new blog at IDT911.com I intend to show you this managerial approach to strong security, as well as discuss more nuts-and-bolts tactics for securing your data. Environments change, threats change, vectors change. We’re constantly walking the security path and how we walk it matters.
I cut my teeth in management and security, first in the U.S. Army, in military intelligence, and then in the financial sector, as a senior vice president and group executive director at WACHOVIA and as director of risk management and control at Citibank. It’s obvious why military and the big banks need tight data security, but today data security is critically needed in businesses of all sizes and in all sectors. In this blog we’ll explore these issues along with other threats—and their appropriate responses—that aren’t so obvious.
Security is a journey. There is always adventure ahead. Let’s head down the path together.
Brian McGinley, Senior Vice President of Data Risk Management, Identity Theft 911
With over 30 years of experience in risk management, security, loss management and compliance within financial institutions, Brian has held senior positions at Wachovia Corp. and Citigroup. He served as board chairman of the Financial Services Roundtable/BITS Identity Theft Assistance Center.
Leave a Reply