The Case for ERM
The case for ERM
Before we implemented ERM, a candidate we were considering for an open position walked into my office for an interview and opened up a binder that clearly contained one of our internal training documents-a highly confidential one at that. The candidate said that he had received the file from an overseas business contact of ours.
This floored me because Sterling-Hoffman has always placed a premium on its data security practices and this was a major hole within our armor. I realized then that we couldn't share any information overseas or with our partners in good faith until we could protect data at the information level. We began working with ERM shortly thereafter.
ERM also helps address our third-party challenges by placing expiring access dates on sensitive information. This gives confidential information shared with partners, outsourcers and employees a shelf life and cannot be viewed by them-unless given permission from our IT staff outside of a set time frame. Former partners and employees simply cannot access or share data after their engagement with Sterling-Hoffman is over, which is a nice insurance policy.