In all of business (especially for risk), a company has to do an appropriate cost/benefit analysis. If a data breach is a probability, then the company has to put controls in place - such as encryption, off-line data backups, appropriate information security policies.
As an expert recently said "Perfect security is infinitely expensive".
It is like insurance - if my dog is known to bite, then as a dog owner, I need to buy dog biting insurance. Likewise, if I have a lot of personally identifiable information for my company on my corporate laptop; then I need to have better protection for that data.
In a similar fashion, if my dog is the meekest dog on the planet, maybe I don't need dog biting insurance; (or .. if I don't have personally identifiable information on my laptop, maybe I don't need to encrypt all data).
As an expert recently said "Perfect security is infinitely expensive".
It is like insurance - if my dog is known to bite, then as a dog owner, I need to buy dog biting insurance. Likewise, if I have a lot of personally identifiable information for my company on my corporate laptop; then I need to have better protection for that data.
In a similar fashion, if my dog is the meekest dog on the planet, maybe I don't need dog biting insurance; (or .. if I don't have personally identifiable information on my laptop, maybe I don't need to encrypt all data).
No comments:
Post a Comment