Breach, Data Security, Network Security

IT’s vital role protecting company info

A global study by Iron Mountain and PwC that surveyed 1,800 senior business leaders in Europe and North America from mid-sized and enterprise-level organisations shown that less than half (46 percent) of senior executives are allowed access to valuable company information.

This suggests that the greatest barrier to unlocking the value of information is the IT department. The ability for these senior executives to make effective business decisions could be seriously constrained due to this lack of access.

More than two thirds of businesses surveyed (68 percent) have confidence that valuable information can be accessed easily by those who need it. Widespread confusion and inconsistency between functions means that this is not always the case.

IT has an important role to play in order to prevent unauthorised access where information is valuable and highly sensitive. Forty six percent of the businesses don't allow IT access to such information, which would potentially make it more difficult for IT to pass information to other functions.

Companies that do allow their IT department access to valuable information are more likely to grant access to other functions that include research and development (35 percent), finance (35 percent), records and information management (27 percent), and marketing (26 percent). Only four percent of the surveyed businesses extend access to all employees. Access for all employees grows to 10 percent in companies where IT doesn't have control over valuable information.

“The IT department plays a vital role in protecting and managing information, but the information dynamic has changed. Businesses now need to strike a balance between managing information to mitigate risk as well as managing it for value. Organisations – and their IT departments – must make sure that those employees best placed to exploit information to support stated business goals can access relevant and appropriate information when they need it. This may require data to be “de-identified” to protect private information before it is made available for analytics. Failure to have a strategy for controlling access can quickly lead to employees coming up with unauthorised and unprotected workarounds to find what they need,” said Sue Trombley, managing director of thought leadership at Iron Mountain. 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.