A new report by Bluewater International revealed that many companies are taking initiative and deploying document protection technologies, though only a few have policies in place to mitigate damage in the wake of a breach. Those firms that are able to recover in the aftermath of a breach often use data recovery vendors without the consent of C-level executives.
Although recovery is an important factor in keeping sensitive information safe, decision-makers should be aware of the status and actions of any outside help so they can align business goals with the vendor's priorities, the news source said.
"Changes in regulations are demanding that companies, especially in government, healthcare and financial markets, monitor and take responsibility for the security of regulated data and the action of third-party vendors handling the data, but that is not enough," said Gary Gordon, managing partner at Bluewater International. "There are no standards or best practices to follow, therefore the solution to this high impact risk requires policy and procedural changes."
When considering hiring service providers for help, decision-makers need to create a robust service-level agreement that adheres to the unique requirements of the company's document rights management strategies.