Business Policies and Practices for Ensuring Data Security: An Exploratory Study

Abstract

Business policies are the formal and informal rules that govern the behaviour of organizations. The increasing dependence on technology and the rise of cybercrime have made it imperative for businesses to focus on data security policies. In this research paper, the focus is on examining the various business policies related to data security, the impact they have on the overall security of an organization and their effectiveness. Today's organizations operate and compete in a way that has undergone a fundamental digital shift. Data governance is becoming more important as a result of the increasing number of data that businesses produce, manage, and store. Furthermore, computing systems are more complicated than they used to be, frequently encompassing the public cloud, the enterprise data centre, and a wide range of edge devices, including Internet of Things (IoT) sensors, robots, and remote servers. Its intricacy increases the attack surface, making it harder to secure and monitor.The paper will be using a qualitative approach to collect data through interviews with IT professionals and managers. The objective of this research is to provide a comprehensive understanding of the current business policies related to data security and how they are being implemented. The paper will also explore the challenges faced by organizations in implementing these policies and the measures taken to overcome them. The research paper will present the findings of the study and draw conclusions based on the data collected.