Data Lifecycle Management: How to reduce risk (part1)
What is Data Lifecycle Management?
The Data Lifecycle goes through 5 steps: creation, usage, transport, storage and destruction. Most companies have parts of this lifecycle under control, but that means there are lots of areas for gaps in the control measures that could let a threat affect the data. The multiple part blog, (I am not sure how many parts it will take), will walk through the steps of the data lifecycle and what a company can do to implement a good process for all the data management challenges.
Data lifecycle management (DLM) is a policy and procedure based approach to manage information movement. Data has to be classified and evaluated to properly protect it with the right resources. Ownership is a key factor in managing and maintaining data throughout the lifecycle
The 5 Steps
- Creation – How does data creation get managed?
- Usage – What limitations are on data usage?
- Storage – What controls are in place for storage?
- Transportation – How is data transmitted between company, customers and business partners?
- Destruction – What is the validation and verification process over data destruction?
The Data Management Problem
- Weak processes in place to track creation usage, transportation, storage and destruction
- Weak ability to monitor and manage a customer record throughout the lifecycle
- Inconsistent processes across each phase of data movement
- Lack of enforcement capabilities
What should be the goal of data lifecycle management?
- Provide practical steps to manage each step of the customer record management process
- Provide cost effective solution for risk mitigation
- Provide framework for data management
- Reduce risk of data loss
Challenges to Customer Data Records Management
- Rarely does a company have a centralized process to track controls over data, over management processes around data, over logging and monitoring, and removal
- Organizations rely on technology to secure data not processes that drive technology purchases
- The 5 steps of data management are not followed by all functional groups in a company
- No clear ownership and classification of customer data elements
Did you know…
- 1 in 400 emails contains confidential information
- 1 in 50 network files contains confidential data
- 4 out of 5 companies have lost confidential data when a laptop was lost
- 1 in 2 USB drives contains confidential information
- Companies that incur a data breach experience a significant increase in customer turnover—as much as 11%
- Over 35 states have enacted security breach notification laws
- Can openers were invented 48 years after cans