Skip to content

IngmingAberia.com

Author, Development Worker, Netrepreneur

Menu
  • About Us
    • About IngmingAberia.com
    • Something Legal
      • Disclaimer
      • Disclosure
      • Privacy Policy
      • Terms of Service
  • Adregnum
    • Inkdrops
      • People’s Congress–the dream is on
      • People’s Congress –areas for reform
      • People’s Congress–how it works
    • Reflections
      • History
      • Management
      • Politics
      • Social Issues
  • Partner Sites
    • Real Estate Buying and Selling
    • For a Healthier + Wealthier You
    • More Health, Beauty & Fitness Tips
    • More Internet Marketing Tips
  • Contact Us
Menu

Shop or Sell

NOVEL – FICTION

Miracles of Quiapo

Get Your Own Franchise Biz

What You Should Do About the SolarWinds Hack

Posted on December 21, 2020 by AdWeek, adweek.com

Federal authorities are now convinced that Russia is behind a cyberattack that is so massive and so serious, that they either don’t want to go into details, or can’t. I’m not sure which is worse. The small amount of information available can be found on every major news site, so I won’t rehash it. Instead, I want to offer you a strategic approach to dealing with an immutable law of 21st century life, “There are only two kinds of companies: Those that have been hacked, and those that do not know they have been hacked.”

A little historical context

The idea of protecting business intelligence is as old as business itself. Since Italian mathematician Luca Pacioli published his treatise on double-entry accounting in 1494, accountants have been writing in ink. In a double-entry system, nothing is erased. If a mistake is made, a reversing entry is made to correct it. The goal is accuracy, permanence and a secure chain of information. Historically, accounting journals and ledgers were so valuable that they were locked in safes at the close of business each day.

Fast forward to the advent of our online world. The business units needed ecommerce, they needed to collect data of every kind, and they needed to connect it to the company’s books. IT was asked to take something that had been literally locked in a safe each night and figure out a way to make parts of it accessible. What could possibly go wrong?

This is, admittedly, a gross oversimplification, but the metaphor is valid, and it presents a good mental model for a simple and effective strategy to combat the most serious social engineering and cyberattack vectors.

Classifying your information

The U.S. government has three levels of document classification: Confidential, Secret and Top Secret. All other documents default to “unclassified,” which means anyone who can access them can read them. If you want to get deep into how the government classifies documents, Google it. There are about a million writings on the subject.

What you need to think about is the hierarchical value of your data. What does “Top Secret” mean in your organization? What’s “Secret?” What’s “Confidential?” Do you have other levels? What information must be protected at all costs, and what information are you comfortable seeing publicly available online?

If you don’t have a document hierarchy, it’s time to create one. You can’t protect everything—truly Top Secret information can be kept top secret, but there is a real cost involved. So, do your research and create clear guidelines for your document hierarchy. The best ones I’ve seen are super simple to understand and easy to execute. This is a workflow and process project. Bring your information management people in early and make this a solid group effort. You may benefit from working with a risk management or cybersecurity consultant.

There are several proprietary document processing tools that can scan work product and determine its classification. There are all kinds of privacy and “Big Brother” issues with this kind of tech, but it is an option you might consider.

Protecting your information

Once you’ve implemented a document hierarchy, it’s time to pick an encryption schema and storage solution. This is another job where skilled consultants may be of value.

The strategy is simple. You will invest appropriately to protect documents and information you have decided you must protect. You will let everything else enjoy common protections offered by commercial-grade systems.

Pages: 1 2

Shelly Palmer

@shellypalmer

Shelly Palmer is CEO of The Palmer Group, a strategic advisory, technology solutions and business development practice focused at the nexus of media and marketing with a special emphasis on machine learning and data-driven decision-making.

Recommended articles

0Shares
GlobalPinoyHomes.com

Free Downloads

Keto Truth - www.healthbeautyandfitness.today
Dream Life Manifestation - aberia.us
Purifying Plants - http://healthbeautyandfitness.today
Tri-Phase Abundance - aberia.us
Blockchain for Business - IMInstitute.org
NFTs Explained - IMInstitute.org
GlobalPinoyHomes.com

Recent Posts

  • People and the law
  • The morning after
  • Monetizing Rizal: How would an elevated Luneta look like?
  • The economy is alive, but…
  • Back to my dreams
  • PPP Ideas for LGUs
  • Taxation and Social Protection
  • A governance approach to rightsizing
  • A slap in the face
  • Climate Change and Transitions
  • Blood of Arsenio Balisacan

Archives

How to sleep with any girl - aberia.us
Get Tokok Franchise Here
Miracles of Quiapo
© 2023 IngmingAberia.com | Powered by Minimalist Blog WordPress Theme