Page 5 - Business Insights Technology Industry
P. 5
5 KEY CONTROL ISSUES
FACING TECHNOLOGY COMPANIES
1: CYBER SECURITY 2: DATA COLLECTION
AND USAGE
This has become a major focus for all They are now the lifeblood of any
companies, but it is even more of an issue company. The more real-time and accurate
for technology-based companies. With your data flow is, the better decisions your
the ever-increasing push to the cloud, management team can make. Data flows
new capabilities and sophistication of like a stream, so you need to understand
software, the better funding of hackers its source, how it is flowing, and where
(organized crime, nation states, insiders, the impediments to a steady flow are. In
etc.), and the inability for companies to evaluating your data collection and usage
monitor and regulate the use of equipment systems, you should consider:
and applications by their staff (e.g. cell
phones), it is getting more difficult for ► What data you need to collect: The
companies to protect their data and the collection and protection of data can be
data of their customers. A data breach pricey, so it is important to define what
can result in significant losses to a source data is going to have the most
company’s reputation and its bottom line. meaningful impact on your business
It is critical that technology companies operations. Things like inventory flow,
stay abreast of new emerging threats and product sales, customer feedback, etc.
are all potentially important factors to
protection criteria on the market to avoid
T oday’s businesses operate at the speed of data. A company’s ability to access costly losses. In developing proper cyber capture information on.
information; reach people; open markets accessible through phones and tablets; and
push data throughout its operations, is essential to effectively operate its business. controls, companies need to consider
Systems that track inventory on a real-time basis provide instant customer relationship both high-tech and low-tech intrusions ► Where this data is coming from: You
information, aid in search engine optimization, and process payments efficiently and and develop systems and controls to need to identify what the source of the
effectively are worth their weight in Bitcoins. Technology-based companies are often on protect against these. Limiting access to needed data is, who has access to it, how
the leading edge of data movement and storage, which bring up key control issues that are sites (e.g. Facebook), training staff about is it being accumulated, how accurate is
not necessarily unique to technology-based companies, but should weigh heavily in their phishing scams and other cyber threats, it, and how timely is it.
assessments of risk and design of internal controls. performing regular intrusion detection
protocols and running data loss prevention ► How the data is being collected: Do
software, implementing and updating you have protocols in place to ensure
firewall securities regularly, performing you are collecting the appropriate data?
staff background checks, controlling Who is entering the data into the system
access management, and ensuring proper or is the data being automatically pulled
encryption and transference of sensitive from a source? How do you ensure
data are some of the many security issues proper notification if data entry fields
that need to be reviewed and assessed on change? Is the data appropriately stored
a regular basis. You need to consider these to prevent inappropriate access? And
and other factors when developing your are confidentiality standards in place to
company’s IT policies, which should also ensure security of data?
include regular reviews of your systems
and your security incident response and
communication plans.
3 4
