Don't leave your virtual filing cabinet open: Part One
Data loss prevention know-how
In our rush to make data easy to share and save, many organisations have left their virtual filing cabinets wide open, providing a tantalising opportunity for hackers and other cybercriminals to access confidential corporate data.
So why would businesses take such a cavalier approach to data security? The answer is mobility. Spurred on by the unquenchable desire for employees to work remotely and on-the-go— corporate IT has barely been able to keep their heads above water. For most organisations, it's a struggle to provide basic support to employees using everything from iPhones to laptops.
Even if IT has appropriate security measures in place — employees will find creative (and often non-compliant) ways to move data around. For example, one corporate business struggled with employees emailing themselves confidential documents to their personal computers so they could work remotely.
Another found that some employees had downloaded early versions of cloud storage services that were notoriously lax on security and easily hacked, but useful for sharing files when working remotely.
There was no ill intent on the part of the employees; they were merely focused on being productive. However, this is an example of employee behaviour inadvertently putting corporate data at risk. This is not a revelation. IT has been monitoring the movement of data by end users for many years using data loss prevention technology or DLP.
Data Loss Prevention
DLP technology provides IT with the means to follow corporate data based on end user activity. This can be data moving via email, thumb drives, and other measures.
Most solutions on the market provide IT with a variety of options from non-intrusive flags back to IT for further investigation, through to blocking the end user from performing a specific activity such as saving data to a thumb drive.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Granular controls include identifying specific types of data to be tracked including intellectual property, credit card numbers, private health information, social security numbers, key words and other criteria.
DLP technology hit a major stumbling block when employee mobility exploded within corporate IT. Most traditional DLP solutions provide a server-based model of data protection; which makes little sense when you consider that the devices storing the data are often outside the office, and off the corporate network altogether.
Proactive & Persistent Data Security
The challenge with a mobile workforce is the potential to lose track of devices once they're off the network. Ideally, your DLP solution is built to remain with the device regardless of user or location, and even in spite of efforts to remove the software client from the device.
Endpoint security solutions should be able to provide this type of persistent connection, ensuring IT is always able to monitor and secure the endpoint and its data. By providing IT with insight to the status of each device as well as the ability to monitor the movement of specific corporate data (regardless of user or location), your organisation will have the necessary keys to keep its virtual filing cabinet firmly locked against all intruders.
- Stephen Midgley oversees all aspects of global marketing and product management at Absolute Software including corporate communications, product marketing,demand generation, and the company's presence on the web.