Is Data an Asset or Liability?
For years we were all taught to “save everything” or “never delete anything”. The principles of this argument may be changing. With the rise of cyber risks, we must start weighing the importance of the data we keep especially when it comes to our client’s data. In this industry, there are laws and procedures that require some data to be maintained for certain time periods but not in perpetuity. The reality of the environment we live in now is that our client data, specifically PII (personally identifiable information) can be a liability to the firm to maintain control and security.
This data may be old tax returns with social security numbers on them, investment statements, or other legal documentation with personal information on it. The firm must weigh whether retaining that data outweighs the risks of having to deal with notification in the event of a breach. As the risks of data breaches rise, firms should have incident response policies in place on how and who needs to be notified when a breach occurs. This list rises exponentially when data is kept without strict retention policies and simply compounds daily.
Firms should consider using retention policies especially if they are using cloud platforms that make this process very easy. Retention policies can be broad to purge items only after 7-10 years or as little as 6 moths based on the type and necessity of the data. Firms should also consider having a compliance scan was done that can scan your entire dataset to at least allow you to see which data contains PII so you can see what data can be purged with little to no impact. The bottom line is with the rise of prevalence of cyber attacks firms need to consider data not only an asset to their company but also a liability.
Our custom service packages deliver what you need and want without overstepping the boundaries of your budget. From cloud services to data backup, Plus 1 Technology is here to team up with you and your company for expert.
Call 610-792-5660
