Here’s a checklist of things that will help you keep a confidential project within the safe borders of your team or company.
Here I explain each item in detail.
Train or coach your people
Let people know how to deal with sensitive information and how to deal with common online security risks (they don’t teach this in university). It’s very important to have clear rules about the use of social networks, people will talk about their day on Twitter and Facebook anyway, if it’s not at the office, it will be at home. Don’t try blocking social networks on your network, laying down any kind of hard local constraints like that is ultimately a waste of time for everyone.
Confidentiality is a cultural thing
We educate each other, just by working together. It certainly help to set an extreme example. One company I did consultancy for fired someone on the spot because he was overheard talking about a secret new product in a company cafetaria that was accessible for people outside the company too. Harsh but effective, news spread like wildfire. I do not recommend doing this without consideration.
At least make confidentiality a topic on kick offs, team meetings, one-on-one’s, … until it’s part of the team mindset.
Certainly if your project is the odd one out that requires (additional) confidentiality you’ll have to take precautions.
Talk with your HR department
Newcomers should be introduced immediately about security, confidentiality and data protection. We are animals of habit, anyone who’s used to broadcasting every bit of news will be inclined to do so.
If you have areas that are off-limits, make sure everyone in your team is cleared and has access before they need it. “Because they didn’t let me in so I used the previous model to run the tests.” is the last thing you want to hear when you come back from a holiday, trust me.
Let people know who in management is responsible for security and privacy. If you have a Data Protection Officer (DPO), introduce this person to your team.
Tailor your project templates
Add fields like “confidentiality level”, using these 3 degrees of confidentiality should cover most of your needs:
Make sure your briefing material instructs your team on the way data should be stored. This often includes:
Of course you and your management have to be a living examples. Nothing says it’s OK to break the rules like seeing a VP or the CEO breaking doing so.
Social Widgets powered by AB-WebLog.com.
Post a Comment
Posting your comment...