A new service aimed at companies that are experiencing data retention challenges including IT budgeting, data classification and security strategies as well as productivity issues. The new FlexSecure Verify DR is the latest in Informatica’s Verify line of standards-based security audits and assessments. The proprietary methodology examines data retention practices, identifies industry and budget requirements and evaluates the risks associated with information management. Of particular relevance to organizations in regulated industries, Verify DR is also applicable to companies that are seeing rising costs associated with data storage and confidential information collection.
Company president Claudiu Popa is one of Canada’s foremost authorities on information security: “Verify DR is the best audit methodology available to tackle compliance, security, privacy, business continuity, brand protection, intellectual property and productivity issues. In my experience, Canadian companies, especially those in the health, finance or government sectors are finding it difficult to manage information because its sensitivity and classification are often unknown. We see many organizations that are either storing too much, or too little data and this often causes operational problems for the business later on. This non-intrusive audit answers the question: ‘what data can we dispose of and when?’ With Verify DR, we are not only able to give them a sense of what challenges they may be facing, but also help with data classification, regulatory compliance and data retention policies. This is not a cookie cutter service, but a robust methodology wrapped around a fully customized service for every client.”
Many organizations have access to qualified lawyers and accountants, but in many cases the challenge of taking an enterprise-wide look at data management risks is a project that is best left to experts. “Today’s executives understand that data retention is a major business issue but they also realize that it is a balancing act between business/accounting/regulatory needs, security risks and legal issues. The complexity of such a project often relegates it to the bottom of the priorities pile. Conflicting demands for auditable record-keeping (imposed by Freedom of Information regulations or the U.S.A. Patriot Act) are often confusing when companies try to impose data destruction practices to satisfy the privacy regulations and their own limited budgets for storage and security” said Popa who has been helping companies create data classification and retention strategies for over 11 years.
Since the records management and document destruction debacles faced by Enron and Arthur Andersen, corporate practices have seen increasing degrees of scrutiny every year. Internet service providers and companies in many other industries may be required to not only preserve transactional logs and client information for a specific amount of time, but also to keep the data absolutely secure to avoid severe penalties. According to Informatica, Verify DR is not only a compliance tool, but also an effective way to help with IT budgeting, brand protection and data retention practices implementation. “The challenge faced by today’s companies is to retain enough data, for a specific period of time and to store it securely.” said Popa.
World-class information security assessments and compliance audits
The FlexSecure Verify family of audits and assessments is based on 12 years of best practices and standards-based business assessments, product testing and policy audits. As Informatica’s flagship service, Verify helps dozens of organizations protect themselves and their client base each year, with a methodology designed to uphold industry standards such as ISO17799, SysTrust, PIPEDA, Sarbanes-Oxley or any government threat and risk assessment (TRA) processes. Each engagement is completed by an accurate report on the security posture of products, networks, systems, Websites and applications.
FlexSecure Verify is the combined work of certified Informatica professionals and best-of-breed technology. Three types of Verify engagements meet the needs of today’s organizations: internal security audits, external vulnerability assessments and Verify for Business, which includes business process reviews, policy and procedures analysis and Verify DR for data retention.
Toronto-based Informatica Corporation is Canada’s information security consulting leader. Over the past 16 years, Informatica has provided consulting, analysis, implementation and training solutions to SME and enterprise clients in diverse sectors. Informatica clients include financial organizations, government, non-profit organizations, services, manufacturing and health organizations.
The Informatica group of companies offers diversified security solutions including best-of-breed commercial products, research and analysis, strategy and implementation, corporate training and security awareness certification for all corporate employees.