Published: 01 May 2008
| How Do You Spell Data Governance? P-o-l-i-c-y
Regarding the Perspectives column by Julie Tower-Pierce ("Think Like a Lawyer," March 2008) there is a very crucial word missing: policy.
One of the most important aspects of any healthy e-discovery strategy is policy governing how data is handled, retained, destroyed and retrieved. Without standing policy (i.e., one you did not create after being served a subpoena) that spells out how your organization handles its data, you will find yourself on the very wrong end of a judge's orders requiring the (very expensive) production of records...and perhaps in need of refreshing your resume...or worse.
We have been using SecureDoc for many years and recently decided to give TrueCrypt a try as an alternative. I must admit, I was thoroughly surprised. Although not without problems, it turned out to be a very capable open source solution, and it is very possible that this will be our software of choice. So I must ask, why was it not given consideration for the article?
It's Time to recognize the industry's Best
Information Security magazine and SearchSecurity.com will honor innovative security practitioners in seven vertical markets this fall with our annual Security Seven Awards. The awards, to be handed out at the Information Security Decisions conference in Chicago and featured in the magazine's October issue, will recognize the efforts, achievements and contributions of practitioners in financial services, telecommunications, manufacturing, energy, government, education and health care.
While vendor executives are not eligible, we're inviting you to nominate your most innovative practitioners. Nominees must have made a noteworthy contribution to their organizations or the security community in areas including research, product development and standards.
Nomination Deadline: June 25