Risky Business: A Risk-Based Approach to Your Data

author
Post Date: 05/02/2016
feature image

I recently had the opportunity to author an article for CMSWire about taking an analytical approach to assessing risk.

With the new European Union General Data Protection Regulation (GDPR), companies with a significant European presence are required to take a risk-based approach to data protection. This means assessing how and why your employees currently work with sensitive data in your IT system on a daily basis and understanding where to limit risk.

Part of this approach also means identifying what the potential risks are for individuals if their data is lost or stolen, and putting proper controls in place to prevent such events. Other things to consider include:

  • How will you provide notice to individuals about data collected by your company?
  • Are you properly storing sensitive data according to compliance requirements?
  • Who has access to sensitive data, and does anyone have inappropriate access?

Answering these questions and others in the full CMSWire article can help you craft a risk-based approach to data protection.

To learn how AvePoint can help your organization mitigate privacy, information security, and compliance risks across SharePoint, file shares, and more, visit our website.

author

Dana Louise Simberkoff is the Chief Risk, Privacy and Information Security Officer at AvePoint. She is responsible for AvePoint’s privacy, data protection, and security programs. She manages a global team of subject matter experts that provide executive level consulting, research, and analytical support on current and upcoming industry trends, technology, standards, best practices, concepts, and solutions for risk management and compliance. Ms. Simberkoff is responsible for maintaining relationships with executive management and multiple constituencies both internal and external to the corporation, providing guidance on product direction, technology enhancements, customer challenges, and market opportunities. Ms. Simberkoff has led speaking sessions at data privacy and security events around the globe. She was featured in Forbes, writes a monthly column for CMSWire, and was highlighted in the CSO Online list of “12 Amazing Women in Security”. She is a current member of the Women Leading Privacy Advisory Board and a past member of the Education Advisory Board for the International Association of Privacy Professionals (IAPP). Ms. Simberkoff holds a BA from Dartmouth College and a JD from Suffolk University Law School. LinkedIn: www.linkedin.com/in/danalouisesimberkoff/en Twitter: http://www.twitter.com/danalouise

View all posts by Dana S.
Share this blog

Subscribe to our blog