Viewpoint: Let's add policy to GRC


This article can also be found in the Premium Editorial Download "Information Security magazine: Seven questions to ask before committing to SaaS."

Download it now to read this article plus other related content.

How Do You Spell Data Governance? P-o-l-i-c-y
Regarding the Perspectives column by Julie Tower-Pierce ("Think Like a Lawyer,"

    Requires Free Membership to View

March 2008) there is a very crucial word missing: policy.

One of the most important aspects of any healthy e-discovery strategy is policy governing how data is handled, retained, destroyed and retrieved. Without standing policy (i.e., one you did not create after being served a subpoena) that spells out how your organization handles its data, you will find yourself on the very wrong end of a judge's orders requiring the (very expensive) production of records...and perhaps in need of refreshing your resume...or worse.

Stephen Yelick
Information technology security administrator, Macomb County, Mich.

Open Source Does the Job
I just finished reading "Encrypt Them All" (February 2008), and I have to admit that I am surprised that the open source solution, TrueCrypt, was never mentioned.

We have been using SecureDoc for many years and recently decided to give TrueCrypt a try as an alternative. I must admit, I was thoroughly surprised. Although not without problems, it turned out to be a very capable open source solution, and it is very possible that this will be our software of choice. So I must ask, why was it not given consideration for the article?

Art Beard
Manager of information technology, Community Financial

Editor's Note:
The product chart that accompanied the "Encrypt Them All" article was a representative sample of commercial products.

This was first published in May 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: