« July 2009 | Main | September 2009 »

August 2009

08/31/2009

Secure Value by Understanding Your Customers' Data Protection & Compliance Issues

Be aware of your customers' data protection concerns to help build trust

Alphabet Soup II
Alphabet Soup II,
originally uploaded by cdw9.

All of these government regulations stand in the way of gettting things done sometimes ... FERPA, HIPAA, HITECH, COPPA ...  but understanding your customers' data protection needs as they relate to government compliance is a path to build trust.

While I was in Boston at the Campus Technology Conference I picked up a couple new followers to my Twitter account from the Other Side Group.  The Other Side Group is "a marketing and new media firm that helps organizations in the higher ed and non-profit spaces learn about and implement new communications techniques."  Their focus on higher ed and passion for non-profit work caught my attentino so I've been following their blog. 

I managed to eke out a decent comment on their blog to an entry they had written on Legal Issues and Social Media Use in Organizations and they repost it as a guest entry Follow up: Legal Issues and Social Media.

The key takeaway on my comment was "when you are dealing with a regulated business in areas that touch on protected data take some time to understand the issues. "  That fit the Other Side Group's work in higher education but it translates as important advice for anyone working in almost any business to business entity today.  Your customers care about protecting their data.  You had better care about it, too.


Reblog this post [with Zemanta]

Posted by Douglas Davidson at 09:45 AM in Compliance, Secure Value, Small Business | | Comments (0) | TrackBack (0)

Technorati Tags: , , , ,

| | |

08/17/2009

Starting Your Own Business?

A downturn in the economy is a great time to start your own business.

Newsweek reports on the history of some big businesses like Microsoft and FedEx who started in downturned economies.  My advice as an entrepreneur who works with enterprenuers is "GO FOR IT", but of course do it with intentinoal security that fits your business.

From the article:

"Big businesses are the ones doing the cutbacks and the outsourcing," says Northwestern's Shein. "They have a right to, but it's small businesses that are providing the jobs." In fact, small businesses created roughly 80 percent of new jobs in 2005, according the U.S. Small Business Administration's most recent data.

 

 


Reblog this post [with Zemanta]

Posted by Douglas Davidson at 10:59 AM in Secure Value, Small Business | | Comments (0) | TrackBack (0)

Technorati Tags: ,

| | |

08/11/2009

Pain of Discipline vs. Pain of Regret

Franco Harris football helmetImage by afagen via Flickr

Secure Value by making decisions and investments to account for risks before they become real negative events.

Secure Value posts have slowed down the last two weeks.  I coach a 9 and 10 year old football team.  I have to confess that my blogging time has been spent getting 16 boys ready to play football.  Though I've been busy getting them ready to block and tackle my mind hasn't stopped thinking about the information security game or helping small and medium enterprises stay fit for their own battle.

Last night we were working through the details of a blocking drill.  As a coach we tell our kids that you can make a choice ... you can suffer the pain of discipline now or suffer the pain of regret later.

And I realized that information security is the same thing.  We don't want to spend the extra time to think up a stronger password, backup files, convene an information security committee meeting, write policy or invest in a firewall.  All those things are pain of discipline actions.  It will hurt a little bit now but help us avoid it hurting a lot later.

And hurting later includes the greater of the two pains, like the pain of regret.  Like when we lose the key proposal or a customer contract to a bad sector on a laptop or server.  Or when a client asks us to prove we have a security committee and follow whatever alphabet soup regulation they are accountable to.  Or when our weak password is easily guessed and your business penetrated.  Or when you have to terminate an employee for inappropriate behavior but can't produce the policy he violated. Or when ....

So take the time to hustle in practice and study your playbook at night ... Oh, sorry ..

Take the time to invest in your future and endure the pain of discipline by considering information security's role in your business and avoid the pain of regret that comes with the impact of a future predictable risk. 

Related articles by Zemanta
Reblog this post [with Zemanta]

Posted by Douglas Davidson at 12:55 PM in Information Security, Information Security Basics, Secure Value, Small Business | | Comments (0) | TrackBack (0)

Technorati Tags: , , ,

| | |

My Photo

About

TypePad Profile

Get updates on my activity. Follow me on my Profile.

Categories

Twitter Updates

    follow me on Twitter
    Blog powered by TypePad
    Creative Commons Attribution-ShareAlike 3.0 Unported