I was speaking to a senior executive at a large organization recently and he made a comment that I thought was very timely. He said “we can no longer take the risk of having our most important information in a state that allows someone to intentionally or unintentionally expose it to the wrong people. The time for analyzing options is over. We have to do something now!”
Companies have invested millions protecting their data from threats both internal and external. Solutions range from standard perimeter security to endpoint encryption and Data Loss Prevention. The expectation from senior management is that with this multilayered approach the number of incidents would begin to subside.
The reality is the majority of these technologies are protecting companies against yesterday’s threats and based on how they are implemented continue to leave the organization vulnerable to advanced persistent threats. I recently spoke to a CISO that was implementing a Data Loss Prevention solution to reduce the loss of confidential information through email or by employees copying confidential files to USB drives. As they were deploying the application management began to receive a significant number of complaints from departments saying it was impacting productivity, so they ended up revising their original plan. The solution now monitors data and creates reports for management to review. Needless to say DLP is not the magic bullet that it is being sold as.
The answer to this problem is to secure the files at the source or at the moment they are saved. Applying a persistent policy based on user credentials and encrypting data is the best way to significantly reduce the threat of data loss while having little or no impact on productivity.
Today’s threat levels demand new approaches to protecting both personal and business information. Evaluate your options but avoid the “analysis paralysis” situation that we see so often. Secure your confidential files at the source and control your files regardless of where they are located!
Don’t wait until it’s too late to protect your most valuable data!
Photo credit Antonio Lopez