The use of Information Technology within the business environment has changed dramatically over the past 15 years. The advent of technologies such as electronic mail, instant messaging and the internet has allowed companies to transact business more quickly and efficiently. We expect our computer systems to be available at all times from anywhere in the world; even within the corporate world users expect to access applications, enter information portals, and transact business via the web.
However, where there is liberation there is threat, and this landscape is developing rapidly. The “hacker” whose virus writing ambitions were motivated by notoriety has been joined by a legion of organised cyber criminals, intent on stealing personal information and companies’ intellectual property for financial gain. There is also the disgruntled employee looking for destructive and ill-gained revenge. Then, of course, we have to add to the equation of data provenance the employee who “bends the rules” for financial gain, motivated by the peer pressure of performance-related targets and remuneration. These impressionable employees may also be groomed by the criminal fraternity to gain access to sensitive data.
Compliance and regulation have therefore inevitably and justifiably reared their heads. PCI DSS, Sarbanes-Oxley, Basel II (Financial) and HIPAA (Healthcare), to name a few, mean companies now have a statutory, regulatory, and moral obligation to ensure that data, including PII (Personally Identifiable Information), is kept safe and secure. There is also a requirement for companies to ensure that inappropriate content is not seen by employees. The cost of not doing so is punitive in terms of regulatory or statutory penalties, employee morale, productivity, and reputation.
Maximising the advantage of technology therefore brings with it the challenge of minimising, or hopefully eliminating, the threat and risk that accompany it. Ensuring that the confidentiality, integrity, provenance, and authenticity of company information remain intact at all times whilst still providing unconstrained business agility is a specialist skill in itself.
This is more important than ever now that we are building shared, virtualised, and aggregated infrastructures where even inter-group-company and inter-departmental security is essential. No serious infrastructure provider can therefore begin to design service-oriented models without security expertise.
Union has CISSP-accredited IT security consultants who can help you put the policies, processes, and technology in place to build a robust and compliant data security system built upon best practice. Our Security Assessment could be the best place to start.