Information security is a big arena, and it seems like there are more and more holes to plug every year. Most organizations focus on perimeter-based security intending to keep out the bad guys. Unfortunately, that doesn’t address the accidental or malicious exposure of sensitive information by trusted insiders. Enterprise based data-centric security is security for individual files that keep data safe even after it’s left a company’s secure network — and that can be a lifesaver.
To understand why let’s look at the story of Company X. The Company was a strong, growing, medium-sized enterprise that was earning a reputation in its field. Leadership was aware of the need for strong data security, and the top-level executives invested a lot of time, effort, and money into securing the Company’s network and backing up all files. Its information security efforts focused both internally and externally: they went far beyond a firewall to keep out hackers, implementing smart policies and security controls on internal users to prevent intentional or accidental breaches of sensitive files.