Learn something new every day
More Info... by email
Most companies must manage large amounts of information and computer resources. This requires an effective management plan. Data management is the strategy that is used for organizing and managing data within an organization. A good plan should be based on four key elements of information management — ownership, security, retention policy, and enhancement policies.
A change control board is a special group that manages changes to a company's information technology systems. This board is typically responsible for the organization's data management control. The CCB ensures that system changes have been approved and tested before changes in the production system are made. This board meets on a regular basis and verifies and prioritizes all system change requests for the organization.
Data management typically includes security to protect the company's data assets. These steps vary depending on the type of data being maintained. Data security policies will normally include access controls, encryption procedures, and the retention polices.
Most government institutions have strict data management procedures. These steps are required to ensure adequate security for military technologies and government secrets. Data security for sensitive data may include special physical access controls, which makes the data unavailable to the general public. This type of data is typically locked in secret facilities managed by armed guards.
Data privacy protection has become increasing important with the popularity of the Internet. Data management controls typically include the privacy restriction procedures designed around sharing data obtained through the Internet. Businesses are typically required to obtain approval from customers before privacy data can be shared with other companies.
Data retention polices are the rules that govern the length of time data should be managed and saved before it is destroyed. These rules vary depending on the company and department using the data. Data management polices define the retention requirements for a company. This retention requirement is extensive for financial institutions and law enforcement agencies, which are required to manage data for decades.
Data management also includes the granting and management of passwords for computer programs. These are the ownership and governance rules around the data of an organization. The procedures define how an individual can gain access to the data. This typically includes formal procedures and vetting processes.
Data access controls should include procedures for employees who leave a company. An access-removal process is required when an employee is terminated. Data security procedures should include auditing steps that ensure terminated employees do not have access to the company's sensitive data.
@croydon - The thing is, it is very difficult to completely safeguard your data because it is still subject to human error. The best management system in the world would have trouble with that, particularly if it was very large, and so needed a lot of people to have access to it.
One of the ways hackers manage to get passwords is by calling up a staff member and pretending to be the boss, or something similar and just asking for it over the phone. In a huge company people are never going to know every voice.
Which is why data management solutions can't just be about storing the information. They also have to cover protecting it as well.
Data security is massively important now, when so much depends on keeping passwords and credit card numbers safe.
There seem to be quite a few companies that have been hacked recently and managed to lose their customers' information, as well as their own credibility.
It seems like people hack into databases just because they can.
I think it is especially interesting when people who have done illegal things like that then get hired to protect the data they could have been trying to steal.