At the heart of a business valuation, there is a flow of strategic, technical, commercial, financial, as well as organizational data. Among all this data, some is considered “sensitive” given that their value depends almost exclusively on their secrecy or confidentiality.
Effective management is necessary for strategic data.
Businesses (and organizations) have a value that can be tied to protecting information. Especially when this information is at the heart of particularly competitive innovations. Likewise, the competitiveness of companies may depend on the sharing of information between commercial and financial partners. The performance of organizations is therefore subject to the notions of “saying too much” or “not saying enough” which constitute the strategies of companies.
Internal communication in companies must be carried out with consideration given to the sensitivity (or secrecy) of the information being communicated, while also keeping in mind the societal context which requires transparency for all stakeholders. It is therefore in the face of these various considerations that companies must formulate their information management strategies to protect their sensitive data.
This management enables companies to take legal action in the face of potential predators who are eyeing their strategic data.
A five-step process
Confidentiality can be managed by following five steps:
1. Identifying sensitive information
Before wanting to protect certain data, it is essential to identify it within businesses, the life cycles of products and services and the pursuit of various projects.
2. Data classification
Once identified, data must be classified according to the level of protection it requires: public information, internal information, internal and confidential information and internal and secret information.
3. Risk analysis
Risks must also be analyzed if a correct assessment of sensitive information is to be achieved. The analysis focuses on several criteria including the importance of the information (or its usefulness) and the degree of seriousness in the event of unintentional disclosure (the level of threat that this would pose to the company).
4. Protection of secret data
In the protection of this data, several elements must be considered:
- The physical resources and information that ensure the security of sensitive data.
- The establishment of management and management system for this data.
But it is also important to:
- Perform audits of existing resources.
- Get recommendations for operational strategies if necessary.
- Deploy solution to current suppliers or research new ones.
5. Promote the development of managerial culture.
In addition to all the systems that must be allocated to protecting and securing data, the management of sensitive information must encourage a strong internal culture. It is not intended to create a cult of secrecy in the company, but to make it possible improve the communication of sensitive information.
Presentation : Geotrend presentation – YouTube
Articles in French by the same author : Erwan Coatnoan de Kerdu, Author at Startup Info