What About Those Regulations?
It seems as though not a day goes by without the media reporting on issues of identity theft, personal privacy, intellectual property, and other technology- and lifecycle-related topics. How data and information is used and how secure it is remain critical issues.
The objective of regulations, governance, and laws is to protect the confidentiality and secure the correct focus.
IT has a daunting challenge. The myriad access devices and the number of ways that information can be inappropriately obtained from these devices is obviously a concern to everyone. In fact, IT might not even have control over access devices that come into an organization. Disposal of the various devices is also a recognized challenge.
All the regulations, governance, and laws have one principle in common: They hold businesses (and in some cases, individuals) accountable for the information and its access.
Regulations, laws, and governance are perhaps the easiest and most compelling rationale to adopt lifecycle management. A strong lifecycle management practice is the best way to protect the information. Those businesses that have not embraced lifecycle management are at a considerable disadvantage.
We all conduct business with many companies that handle and use personal information. We expect that this information will be appropriately used and secured. In many cases, the law requires it. As consumers, we fully expect businesses to have a lifecycle management program that ensures that their access devices (and more specifically, the information they could contain or have access to) will be handled in a manner that poses the least risk. This is yet another reason that lifecycle management is no longer optional.