Do you have protection?

Technology today provides many opportunities to access your information from anywhere in the world.  Online “cloud” services offer the ability to automatically back up your data; and basic services such as word processing and data management are increasingly found online.

Accessibility is the keyword of the day.  Access your information from anywhere, at any time.  But does this access come as free and as easy as it seems?

Where is your company information?  High profile service providers are under investigation for invasion of privacy.  Others cannot seem to figure out how to keep the personal information of one user secure from another.  Perhaps for personal use, these are acceptable practices, but what about your company information?  Board members are under scrutiny with these kinds of questions: Who has accessed this information?  Who holds the board accountable?  Can this company be trusted?

Technology comes to the rescue…or does it?  Technology is simply another tool, nothing more.  The key to using technology is understanding where and how to use it.  The right tool is not the right tool if it is used incorrectly or at the wrong time.  Email, once the standard for all electronic communication can no longer be trusted.  It is safer to shout a message down a crowded corridor than to send it by email.  What about the old stand-by of the postal service, or faxing services?  Having physical copies in the electronic age seems as inadequate as stone tablets.  And where does that paper copy go once you are finished with it?

The latest major advancement in electronic communication comes in the form of secure portal collaboration systems.  These primarily center on document sharing.  For a board member, board packets can be accessed online using a simple web-browser or app.  Security is maintained at the portal level.  A basic portal may be nothing more than a shared folder in an intranet system.  Board members log in and retrieve a copy of the packet.  A more sophisticated portal provides online viewing capabilities, user-level access controls, auditing, and multiple independent workspaces for different groups or committees.

But even with these new sophisticated tools, the basic questions of security still apply.  Auditing should be performed regularly and be available at any time.  Who can access this data is a question not just for the users of the system, but also the providers.  Can the hosting solution for a site be audited?  Is that data sitting in a “cloud” someplace with little or no security measures?  Can the service provider answer this question: Is the site location and data auditable?  In other words, can you tell me exactly where all copies of this data go, and what levels of security are included?

What is the track record of the solution provider?  Have they been in the business of securing and hosting data for years, or are they a new start-up?

These and many other security-related questions need to be asked before you step into the world of online document storage and collaboration…Do you have protection?