Data security and integrity have been top of mind for just about everyone in our industry lately. If you haven't taken a good look at your disaster recovery plan, it's time to do exactly that. Start with listing all physical and non-material (data) assets you maintain or use, and follow this process for each item:
- Assess the risk or level of exposure.
- Review current procedures to ensure risks are mitigated at every potential exposure point.
- Determine your response plan should that asset become compromised or unavailable.
You'll want to review this data asset management list at least quarterly and update it with every hire and departure of your entire team. Note who has access to equipment (physical assets, like laptops) and named user logins to all electronic platforms, such as Generations, with admin users highlighted. Review your data asset assignments during HR reviews and whenever new technology is introduced within the organization.
And last but certainly not least, you'll want to do a semi-deep dive into how your technology providers store your data. Begin by reading the security and privacy statements that should be listed on their website. Ask about data immutability and if there are multiple redundancies (there should be at least three) in your data. These are the gold standards we abide by in service to our clients. Having your own disaster recovery plan, including data asset management and response, should complement your technology partners' technical care and oversight.
Lisa Ferden
Co-Founder and COO
|