Are You Asleep at the Switch?

Encrypt files upon creationMore organizations are taking data security very seriously as they realize they may not be as safe as they thought. Small and large organizations implement perimeter security systems, like firewalls, intrusion detection systems, data loss prevention and more. They try to lock down devices and the network. They put complex passwords on important systems and try to control viruses and malware.

Unfortunately with all this security, data breaches still occur. Attackers steal payment information, account credentials, intellectual property and trade secrets. Sometimes an organization appears to have everything covered, but the human element gets in the way.

Breaches fall into two categories: accidental and malicious.

Accidental data breaches are caused by misplaced laptops, external hard drives, or USB flash drives. Employees or contractors may share sensitive data through email because they selected the wrong email address. Another problem is leaving sensitive data on retired desktops, severs or mobile devices.

Malicious or deliberate data breaches are either done by hackers looking to mine sensitive employee and customer information or by an employee who wants to make some money or otherwise hurt the organization. Sometimes it’s difficult to determine the person’s motivation, but the end state is still the same. Your organization is compromised.

The answer is to control the information when you create it by encrypting it and assigning policies that determine who can access the information and what they can do with it. You need to encrypt files and apply a persistent security policy on each document to prevent unauthorized users from accessing them. You can decide who can view, edit and print the document. If a hacker gets hold of the file, it is useless to them. If a malicious employee gives the information away, you can kill its access. T he same is true for accidental breaches. If an employee sends a document outside the organization, the external party will not have authorization to use it. If they somehow do, you can remove their access immediately, no matter where the document resides.

Perimeter security is important, but it’s not enough to stop the bad guys. Implementing a is a file-based security solution is your best bet.

 

Photo credit Frank Hebbert

Leave a Reply