Data protection has become a top priority today, as digitalisation grows globally and businesses have been forced to step up security measures to protect valuable data. As such, data classification, broadly defined as the process of organizing data by relevant categories, so that it may be used and protected more efficiently and easily retrieved when required, is taking center stage in every organisation’s data protection strategy.
Sri Lanka has also taken measures in pushing forth the Personal Data Protection Act, which aims to adequately regulate the processing of personal data, where every activity that an organization engages in from confidentiality to storage of personal data, will fall under the spotlight. These compliance regulations intend to keep companies within ethical lines when handling personal data and places several obligations upon all data controllers/processors to ensure that the organization adheres to strict rules and regulations in its data collection and management.
In this context, PwC Sri Lanka recently launched their internationally renowned data classification consultancy services to the local market. They have been working with Sri Lankan businesses to help them effectively handle and manage their data and to help define an appropriate risk management framework, along with designing data classification policies tailored to meet the specific requirements of businesses.
Performing a data classification assessment within the organization, PwC also empowers and guides an organization’s business units to properly document critical information assets, determine the categories and criteria of their data, define its objectives, assign relative values to their data and manage data in ways that reflect its value to their respective businesses. They also support and train employees in maintaining proper data classification protocols and in implementing security standards.
“At PwC we bring together diversely innovative and unique solutions for information governance, cybersecurity and privacy to help businesses build trust in a digital, data-driven world. Data classification is of particular importance when it comes to risk management, compliance, and data security,” explained Nishan Mendis – Technology Consulting Leader at PwC Sri Lanka.
He further stated that if a company suffers a data breach, it could potentially put sensitive information in the wrong hands. This includes credit card information, passwords, and more throughout an organization’s network, including its clientele. This, in turn, can make the company liable for the financial loss or the theft of information..
“We understand the need for effective, data classification practices that are fast to deploy, easy to use and create significant cost savings. Our main aim is to support Lankan businesses in protecting their valuable data from adversarial efforts that may lead to potential data leakage and ensure that they have control of their confidential and sensitive information at any given time”, added Vengadasalam Balagobi – Director, Practice Head – Cyber Security at PwC Sri Lanka.
Having advised some of the largest companies in the world on their sensitive data risk and information protection needs, PwC’s practical, cost-effective and reliable data classification services have helped unlock the power of data across organizations in a range of industries globally. As such, their services are endorsed today as the leading standard by many government institutions, multinationals and organizations across the world.
With industry experts agreeing that data classification is step number one in the journey to mature as a company vis-a-vis data privacy, PwC Sri Lanka, given their vast experience in the sector, is in a strong position to support local organizations in implementing a well-planned data classification program, that will, in turn, play an extremely important role in their risk management and legal compliance requirements.