We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

How secure is your organisation’s data?

Home Business How secure is your organisation’s data?
Business, Opinions
2018-07-112024-06-18By Staff Reporter

Jan Coetzee

There is a great deal of talk around GDPR (Global Data Protection Regulations) these days. Especially about how external companies (e.g. Social networks, marketing, and online shops) access and use peoples’ personal data. As well as to how to protect yourself and your data online, from your data being exploited or sold without your knowledge for example.

How do companies deal with protecting their most valuable asset ‘Information?’ It has become the currency of the 21st century. There is no getting around this statement, you control the data, you control revenue streams and the access to information that people have. If we look at how fast, we consume information and how swiftly it has seemingly become something we cannot live without, one would even be as bold to say it has reached a point where we can and should include it in Maslow’s hierarchy of needs. Just like, there are calls to add access to the Internet to Maslow’s Pyramid of needs. This is not an exaggeration, just look at your own web surfing and social media habits.

The way most of us act, it would be considered at the top of the pyramid. Which begs the question; how secure is your organisation’s data? We hear of breaches and leaks of information in various organisations and industries, and recently at our very own doorstep. Namibia had to deal with one of its own organisations being the victim of a data leak at the Social Security Commission. Personal information, details and data of thousands of people registered with the Social Security Commission (SSC) was leaked online. The leak, extracted from the SSC website recently, included personal information of clients such as salaries, home addresses and copies of national documents, including ID cards and passports. A tremendous security leak and breach any organisation has to deal with. The extent of the leak is not yet fully known, but documents reportedly seen by The Namibian newspaper so far shows that the breach of confidential information affects over 2000 people registered with the agency.

How does an organisation address these challenges?

One would think that getting the most expensive security measures in the world would do the trick. However, how do we know which is the best? There are lots of criteria for this. There is a saying; ‘most expensive is not always the best.’ Is the most expensive the best for our organisation? Do we need a sledgehammer to hammer in a nail?…Might the security solution not be too much for an organisation. One size definitely does not fit all.
We need to examine and answer with regards to operating model, strategy, industry regulations, Risk Appetite and Cultural and Behavioural Aspect, of the specific organisation.

Right here in Namibia there are organisations like Headway Consulting, specialised in answering exactly these questions and capable of analysing the needs of an organisation. Embracing, adopting, and adapting best practice frameworks is the safest way to proceed and makes the most business sense.

ISO/IEC 27001, the Standard for information security management in organisations, specifies an Information Security Management System (ISMS), a suite of activities focused on the management of information risks or ‘information security risks’ in the everyday life.

The standard covers all types of organisations (e.g. commercial enterprises, government agencies, non-profits), from micro-businesses to huge multinationals, and all industries or markets; e.g. retail, banking, defence, healthcare, education and government.

The COBIT 5 framework for the Governance of Enterprise IT is essential to abide by for organisations. It is the latest edition of the globally accepted framework, providing an end-to-end business view of the governance of enterprise IT that reflects the central role of information and technology in creating value for enterprises.
The principles, practices, analytical tools and models found in COBIT 5, embody thought leadership and guidance from business, IT and governance experts around the world.

This all seems a bit high level and for many of us sounds like another language or a whole different world. However, there are specialists that can assist and ensure that data breaches don’t occur and that your own data and information as well as that of your customers and users is safe, secure and adheres to international standards.
That is why the consultants at Headway are there. It is their information and data too, which they can help keep safe. Namibian organisations play and operate in a global arena these days and need to adhere to international best practises on many levels, but especially when it comes to keeping data safe.
*Jan Coetzee is the Managing Director of Headway Consulting