Skip to main content

Who’s Looking At Your Data?

By May 16, 2014March 6th, 2023Blog, Technology News

binary-65473_640 (1)You’ve probably got a good idea who should be looking at your data, the question is, who actually is looking at your data? One would hope that the two lists were close to, if not exactly identical, but what if they’re not, and how could you possibly know?

Depending on the line of work you’re in, there may be a whole lot more people with eyes on your data than you first thought. Here’s how and why:

The Obvious Stuff – Network Security

The first and most obvious thing to check is to perform a network security audit to see who has what level of access to your system, and based on that level of network access, what sorts of data that makes them privy to.

Hand in hand with this, you should really look into adopting a data classification system, then tying it to your network security system such that you can exert an increasingly fine-grained control over who can see what data, based on the interaction of both variables (network access level and data security level).

Project Management/Collaboration Review

Especially if you have data on cloud-based resources—which makes it easy to share with people outside your company—you need to review all policies and procedures relating to collaboration, as well as any and all projects which involve outside talent. By conducting this sort of end to end review, you can not only get a better overall picture of who can see what, but you also have the opportunity to further tighten things up in that regard.

Less Obvious Stuff – Research Teams

In particular, research teams that receive all or part of their funding via grants. In many cases, the money comes with strings, and those strings usually involve sharing of data with the agency giving the grant at the very least, and sometimes with a wider group than that.

Hackers & Thieves

An ever present danger, of course. It could be that people who don’t have your best interests at heart are trying to gain access to your systems, your customer records, and/or your sensitive or proprietary data. More often that not, such attempts leave behind trace evidence, and even when they don’t, hackers often want you to know they were there, so they’ll make it obvious. If you are hacked, they’re probably going to sell your data to the highest bidder, so there’s no telling just how far and wide your data will be cast. In these cases, unfortunately, there’s no reeling it back in. All you can do is shore up your defenses so as to be better prepared for next time, and understand that there very likely will be a next time. It’s as close to a statistical certainty as we can get.

Prying Eyes

Then there’s the government. The NSA and other agencies who spy on us “for our own good.” Unlike hackers, these guys don’t leave a trace. You’ll never know they were there, or what they saw, and they’ve got the most advanced toys and the brightest minds in the business. There’s no good way to protect yourself from them, and there’s no way to know what they saw. Thinking about it too much will only make you seem paranoid, but it’s worth mentioning. If they can—and they can—then they probably do.

As you can see then, the answer to the initial question, “who’s looking at your data?” is almost always some variant of “More people than you first imagined.”

Chris Forte

Chris Forte, President and CEO of Olmec Systems, has been in the MSP workspace for the past 25 years. Chris earned his Master’s Degree from West Virginia University, graduating Magna Cum Laude. He was a past member of the Entrepreneurs’ Organization, a current member of the New Jersey Power Partners and Executive Association of New Jersey, where he has previously served on its board of directors. In his spare time, Chris enjoys traveling with his family. He also admits to being a struggling golfer and avid watcher of college football and basketball. He currently lives in Boonton Township, NJ with his wife, two daughters, son, and black lab Luna.