As we discussed in Electronic Information Privacy – Securing Your Job Part I, if you are an employee at a corporation, association, university or small business, you must realize that protecting electronic information and organizational data is vital not only to your company’s profitability, but for your job security.
Here is a crash course on how to promote information security within your company. The most effective way to build a Culture of Privacy is to break it down into 3 simple steps (most corporations skip the first step, dooming them to failure):
1. Motivate the Individual. Train yourself, your employees and executives on how to protect identity and company information first. Learning the basic principles of privacy at an individual level is a pre-requisite for all subsequent forms of data security, and supplies the necessary motivation to apply the same habits at work. Each employee needs to overcome their own apathy, ignorance and inaction before they are equipped to protect corporate assets. By making it personal, your executives and employees are acquiring the building blocks necessary to construct a corporate Culture of Privacy. Electronic information privacy training is good for their wellness, and is a means to a safer and more profitable end.
2. Empower the Team. One employee alone does not have the authority or resources to act. By empowering cross-departmental teams (who already understand privacy at a personal level) with the authority and resources to focus on low-hanging security fruit (e.g., laptop computers, document shredding, wireless surfing), you make immediate progress and win crucial organizational buy-in. In contrast, organizations with a Regime of Privacy tend to force data security into a silo (e.g., “It’s the I.T. Department’s responsibility” – see statistics in Part I), never taking into account the vital role played by legal counsel, compliance officers, the CFO, human resources and even facilities maintenance. In a Culture of Privacy, the team is integrated, and the results are more enduring.
3. Lead by Example. There is nothing that undermines a Culture of Privacy faster than an employee or executive team that doesn’t practice what they preach. A CEO who surfs unprotected in the airport or refuses to invest in desk-side shredders will send a hypocritical message echoing throughout the corporation: “privacy doesn’t really matter, we’re just going through the motions.” In the same manner, a CEO who appoints some form of Chief Data Protection Officer but doesn’t supply the vision, budget or authority to make it happen, is the same CEO whose data breach catastrophe shows up on the front page of the Wall Street Journal.
For example, once you have learned to properly shred sensitive documents at home, it is much easier to apply a more sophisticated form of shredding at work. Individuals and business leaders who know how to protect themselves from identity theft on a personal level, will be more knowledgeable and prepared to protect their company’s electronic information from data breach on a business level.
“Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.” – Lao Tzu
John Sileo became America’s leading Information Privacy and Identity Theft Speaker after he lost his business and more than $300,000 to identity theft and data breach. His clients include the Department of Defense, Pfizer and the FDIC. To further bulletproof yourself and your business, contact John directly on 800.258.8076.