This week in GRC delivers data security tips, options for storing data off the grid and an executive shift in priorities.

Protect Your Data, Save Millions

There’s no doubt that breakdowns in data security can cost companies money. The Ponemon Institute, an organization dedicated to privacy, data protection and information-security policy has defined that number. From 2005 to 2008, average costs associated with data security breakdowns rose from US$ 138 per record to US$ 202 per record, or from US$ 4.45 million to US$ 6.65 million per incident.

And experts predict that 2010 could be just as costly. That is, unless companies start doing all they can to protect customer data. Among the steps they can take:

  • Implement an adequate encryption system that covers data in storage and when it’s being transmitted.
  • Check the security mechanisms in place for your customers’ networks to safeguard against hackers and security compromises.
  • Conduct independent tests of your system at least once a year and any time the infrastructure is updated.
  • Re-establish customer trust and confidence with transparency and public responsiveness.

Company Data Goes Back on the Shelf

Forget storing your data on the cloud. Some archival and storage companies are doing it themselves. By storing detailed information of what's in a box, along with the box's location on the shelves, in a company database, storage companies aim is to be able to not only provide off-site storage, but make it simple for companies to access their information when needed.

These off site storage options, which comply with HIPAA and other federal regulations, are gaining popularity, mostly because of space issues within organizations. As rent increases, companies may simply not have the money or room to house files. And while some are working to archive documents electronically, they are still seeking to house paper copies at a remote location for backup.

Executives Focused on GRC

According to a global survey by KPMG International, nearly two-thirds of executives say they are focused on converging their company's many governance, risk and compliance initiatives, to improve risk management and reduce costs.

It’s good news for GRC, which seems to be taking a priority at the executive level. What’s driving the shift in priorities? Everything from a need to simplify overall business complexity (44 percent), to reducing organizational risk exposure (37 percent) , to improving corporate performance (32 percent).

Executives also seemed clued-in to the benefits that GRC initiatives can deliver, citing the ability to identify and manage risks more quickly (59 percent) and improve corporate performance (39 percent).

Of course, acknowledging the significance of these initiatives on a survey is one thing. Actually doing them, is another.