Generally speaking there are two categories of information that outside access must be secure from:
1) Company Information
2) Private Individual Information
Companies should be restricting internal access to certain information within their network as a
matter of routine. As an example, not all employees should be able to access a previous month’s
sales figures, colleagues salary information or be able to access detailed plans for next year. Within
any company, this would be an accepted practice as reasonable protection against speculation and
rumor for a company’s shareholders.
The management of sensitive information like this can be achieved through installing secure firewalls
and password protection software within a company’s network. Accessing the information should
also only be granted to employees at various levels. Positions of higher responsibility for example
may be granted editing rights for documents where as others only have reading rights.
Regularly scheduled backing up of data, ideally on a daily basis, is an essential part of any
company’s disaster recovery plan. It is recommended that information deemed highly sensitive not
be stored on network-connected computers, as this creates opportunities for hackers to break into
them, which creates a dangerous security threat. Most IT network managers are very aware of these
techniques.
Every company or government body gathers information on users. This might be done in a manner
as simple as a having a database of phone numbers and addresses, or it could be something more
sensitive like Social Security numbers and drivers license details. There are laws in place to limit
how that information can be accessed and used.
Government agencies and large companies must comply fully, and normally do, with all state and
federal legislation regarding Information and data management. They employ personnel who are
exclusively responsible for managing these information databases, their security and the collection of
that information.
Individuals have the right to see any information that a company or organization has on them and to
have it corrected if there are any inaccuracies. You should always be aware of what a company uses
your information for. It should only be for marketing purposes, but many pass on the information to
be shared with other companies.