October is National Cybersecurity Awareness Month (NCASM) in the US, a joint effort between government and industry to raise awareness about the importance of cybersecurity. This year’s NCSAM theme is personal accountability both at home and in the workplace. As this theme reminds us, all of us as Data Citizens are responsible for ensuring that personal, corporate and consumer data is protected.
If an organization and its Data Citizens can secure their data, they can trust their data and drive better collaboration and decision making. Only then will they be able to unlock the value of their data, turning it into a strategic, competitive asset that powers Data Intelligence. Being able to secure data requires a combination of both technology implementation and people processes.
At Collibra, security is vital to everything we do and plays a key role in everything from how we build and deliver our software to how we hire and train our employees. In the spirit of sharing best practices for Cybersecurity Awareness Month, here are some of the ways we have built a security savvy culture:
Operational practices: As a global organization, Collibra must comply with various international privacy regulations. One of the ways we comply with international privacy regulations is by maintaining a comprehensive, written information security program that contains technical and organizational safeguards designed to prevent unauthorized access to and use or disclosure of customers’ data.
Software vulnerability management: We scan code for vulnerabilities and complete a peer code review before code is committed.
Incident management: We have a formal security incident response plan in place. This involves all aspects of Collibra’s team including CloudOps, Development, Support, Legal, Finance and Executives.
Security at the core of our technology: We create and maintain a rigorous control security framework built around regulatory, legal and statutory requirements as well as industry best practices.
Cloud architecture: Our cloud architecture is designed to segregate and restrict data access based on the customer and on the customer’s business need. The architecture of the cloud environment used by Collibra provides logical data separation and role-based access privileges, all controlled on a customer-specific level.
Security training for all employees: All Collibrians have access to security training and job-specific training by role.
Collaboration with the security research community: We participate in the Cloud Security Alliance Consensus Assessments Initiative (CAI), a project launched to perform research, develop tools, and create industry partnerships focused on providing industry-accepted methods to document security controls.
Organizations aiming to prioritize cybersecurity should take a closer look at both the technology and the people that are critical to their processes. Committing to security requires training true Data Citizens who implement security best practices from the point of data inception through the full Data Intelligence journey.
Myke is responsible for owning and championing the company’s security governance and advocating for both customers and Collibra’s technology.