Should data security be automated to the point where the process of achieving it is completely invisible to end users? Automation is the holy grail of data security to many security experts and vendors who envision the day when information is locked down and secured before anyone touches it.

However, not everybody agrees with this goal, arguing that long-term data security may be more assured when informed users are part of the process. That's a view shared by Richard Timbol, security manager at Amalgamated Family of Companies, who sees data security as an employee's responsibility as much as the company's. "If you put too much responsibility on the corporate side, you're doing a disservice by not improving the education level of your employees, of their responsibilities to protect live data," he says. "It's good for employees to have that knowledge. We believe in a strong security awareness posture, and not just to have a bunch of big brother rules forced upon employees."

Register or login for access to this item and much more

All Digital Insurance content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access