April 2014 ~ Volume 4

Your Customers' Personal Information Belongs to Them - Not You

The information your company holds about your clients does not belong to you; it belongs to your customers.

Protecting this information should be a top concern when you consider your company's risks.

"We test the information security controls a company has in place," said Bill Dean, Sword & Shield's director of security assessments and computer forensics. "The goal of a security assessment is not only to penetrate a network, but to provide risk prioritization. We help companies prioritize their risks and assist with the remediation."

Dean said it is important for companies to know if the controls they have in place are working. That can range from ensuring that their firewall or other applications are properly designed and configured to testing their employee knowledge of company security measures and the effectiveness of the company's security awareness training.

"You can have every possible control in place, but if one employee falls prey to a phishing email, then those controls can be circumvented," he said. "The controls didn't fail, the people did."

Sword & Shield also provides vital security awareness training to employees and provides information on how to reduce the risks associated with human error. This form of security assessment targets people and processes instead of technology.

"Security assessments are much more than checking a box," Dean said.

"Many companies spend a great deal of time and effort to meet compliance measures, but just because you're compliant, doesn't mean you're secure," Dean cautioned.

Sword & Shield security engineers place emphasis on matching the degree of security with the business and operational needs.

Dean pointed out that, ultimately, the client determines the areas of risk that could facilitate a breach, but a business owner needs to be aware that the loss of customer information can result in loss of revenue and reputation.

"Ultimately, you are being trusted many times to house someone else's sensitive information. This demands appropriate security measures," he said.

