Information is being created all the time. It starts with a user or an application and then it will go through a cycle of activity, eventually culminating in its deletion. Understanding this, the Information Lifecycle, is crucial to ensure a safe and efficient treatment of your organisation’s data.
Information Lifecycle Overview?
To illustrate the information lifecycle, at Guardian Technologies we use the process of Create, Store, Use, Share and Archive
Contrary to common understanding, most data isn’t created by users, rather it comes from applications. Database exports and computer-generated reports make up the largest slice of most companies’ information creation.
Guardian Technologies can help you understand how information is created, why, by whom and for what purpose. With this, we can reduce creation of unnecessary information, classify what needs to be protected and restrict access to such information.
Information is stored when it is not used and copies often exist in multiple places. In such a case, it is fruitless to protect a single location, e.g. a central repository. When information is “at rest,” that’s when the risk is greatest. No eyes are on it and it could be a long time before any theft or tampering is discovered.
Guardian Technologies helps clients identify all the places in which sensitive information is stored and consolidate it as much as possible. We follow this by limiting access to the information. Sometimes it is also necessary to protect it using state-of-the-art encryption.
This is a key area of GDPR compliance for personally identifiable information (also known as PII).
The value of information lies in its use. A product design is a matter of valuable secrecy before the launch. Afterwards, however, the risks associated with it will decrease significantly and its value will reduce to that of an archive.
Before such a time, however, the information will flow between various members of your organisation, during which it is crucial to know how it’s being handled. Does it exist on a USB stick? Who has access to it and what are they doing with it? How do we protect it without aggravating everybody who’s just trying to do their job?
Guardian Technologies will provide you with a complete visualisation of information usage and workflows to help identify risks to the information. We will deliver:
- Visualisation of information flows
- Insight into what is normal behaviour
- Prioritisation of mitigation
- Tangible reduction is risk as protection introduced.
This is information at its most vulnerable, and important, stage. Without sharing, there is little point to information. On occasion, your information will be shared with third parties, partners and outsourcers, at which point their vulnerabilities will become yours. If you cannot trust them to protect your data, any co-operation is a non-starter. Additionally, if your relationship with a third party breaks down; can you trust them to return or dispose of your data securely?
At Guardian Technologies, we provide services and tools to give “remote control” over your information. We allow you to decide:
- Who can access your information?
- What they can do with your information (read only, edit, print, etc.)?
- When can they do it (provide a two week RFP response period)
- Where they can access (specific IP address or range, location).
- And when you want to stop anyone using your information you can then remove all access remotely.
Delete / Archive
Today, there is rarely any ultimate destruction for information. The ease with which we can store it for extremely long periods of time leads to archival rather than deletion. This, in turn, increases the overall cost of managing an organisation’s information.
The new GDPR regulations require significant changes to attitude regarding the deletion and long-term storage of personal data. Guardian Technologies will help clients to understand how to reduce the amount of information that is being stored, what should be classified and what should not be, options for deletion or long-term archive and applicable legal restrictions on retention.
Why use Guardian Technologies?
There are many security risks across the information lifecycle that any business faces in today’s digital world. To ensure information is protected, you need to understand what your risks are and then assess a complete range of protections against every threat, a tailored, holistic service not provided by many tools and technologies.
There are plenty of solution providers in the realm of information security. We like to do business with like-minded organisations who see the need to enhance their information security provisions but may not have the experience to do so in-house or are growing at such a rate that the in-house IT team need some additional support.
If you are an organisation with 100 users or more and have concerns about your information security, then we have the experience to help you to make sure that information security management and protection keeps you and your client’s information safe in this new landscape in which we all find ourselves.