Boards these days are concerned about security. Our reliance on technology has made corporate material vulnerable, and unless you’re an IT whiz, you may not be exactly sure how to vigilantly prevent data breaches in daily life.
The number of breaches in the U.S. reached an all-time high in 2017, and the current year isn’t tracking much better. In Canada this spring, two banks were hacked and face potential lawsuits as a result. As the infamous Colin Powell email leak from the Salesforce board revealed, data breaches can happen to the most buttoned-up of us.
When it comes to information, boards have a problem: they need quick, easy access to often highly sensitive material, yet they can’t expose that material to risk.
How can the board stay both nimble and secure?
We’ve observed that when organizations look at board management tools, they often focus only on the system itself, and don’t include the human factors. You need to consider both. Here are the two main questions organizations should ask in order to protect corporate material – and prevent becoming a data breach statistic.
1) How do the needs of board members impact security?
Understanding how board members need to work is key to choosing board management software that will keep your data secure.
Quick, direct access for directors
Directors, of course, are busy. They usually have demanding careers and may sit on multiple boards. They need quick, easy access to material, on their laptop and mobile device. They will work in airports and on planes. They will take the fastest route to their goal and the board management system you use must work the way they do and layer on security.
Board technology that’s proven effective at data protection provides access to directors even if they are offline on a flight, offers annotation and note-taking tools within the system and restricts downloads on sensitive documents so no board member’s shortcut puts the organization’s data at risk.
Despite the most rigorous of policies, directors also sometimes make mistakes, like lose their computer or mobile device. For data security, the board technology in place must make it easy to wipe data remotely if a device is lost or stolen.
Two-way communication tools for the board chair
The board chair may risk data protection at times of decision-making. In the rush for important decisions or input, chairs may share just a little too much information via email, which could be intercepted. To prevent this, you must provide technology that works better than conventional phone calls and email swirl.
With the right board management system, you can give the chair secure and simple tools to poll members remotely when the board must quickly make a decision. This will keep those discussions and decisions confidential and provide an audit trail.
2) Where can data be stored so it’s both convenient to access and secure?
Choosing a board management system can be tricky if you’re to ensure people use it.
If your system is too complex, people may go around it. How do you balance flexibility with protection?
Email: the too-easy option
Technology can sometimes be too simple. It’s easy to forward an email and carry on a discussion with multiple recipients – with the email trail in full view. We keep our email instantly accessible through the devices we carry around every day.
Generally, organizations know that email is not a secure platform for board communications. Board members are not even on your email server, and even if they were, email is simply too easy to share beyond safe borders.
Dropbox and SharePoint: a false sense of security
Systems like Dropbox and SharePoint are considered more secure, but they don’t offer enough options or protection for real human behavior.
Dropbox’s encryption level may satisfy the IT department, but Dropbox files need to be downloaded, and when they are, you’ve lost control of your documents.
SharePoint and other in-house platforms have a similar problem. Even if documents are accessed in SharePoint, they won’t necessarily stay in SharePoint when directors use them.
Board portal: security and convenience – with the right features
A board portal provides a secure platform for uploading board packages; securely sharing access and ensuring materials are viewed safely within the system.
The best board portals are designed to support human behavior. They also support one of the main gatekeepers of corporate data: the board administrator.
Whether an executive assistant or corporate secretary, the board administrator will compile and distribute your board package to the right people at the right time. They need to be empowered to add and delete directors, and restrict downloads. The right board management system helps the administrator support security by ensuring that only authorized people will obtain the material they distribute.
Accommodating the way humans truly work can be tricky. People are… well, people. The best board software providers embrace the way people work and build tools to support them.
For more information about safeguarding your board information, including a security checklist, watch our slideshow Securing Board Information: Simple Steps for Protection.