Blog

Tag: UEBA

Granular access controls are important to protect unstructured dataIn our last post, we said “Without granular access controls, you can’t prevent a user from copying data from a file and pasting it into an email, for example. If you only encrypt a file and do not prevent copy and paste or printing, a user can easily compromise security.” And we meant it.

Now,  you might be asking yourself “What does it mean… granular access controls?” And the answer is simple.

Granular permissions or access controls means you grant specific permissions or enable actions when a user opens a file.  This means you can either allow or prevent a person from doing things in a file when it is open – or “in use” – and since data in use is really difficult to protect, wouldn’t it make sense to add this layer of protection?  By applying granular access controls, you can prevent someone from copying and pasting, taking a screen shot, or printing based on the classification of the file and security policy applied to it.  Users can be either granted or denied specific actions when a document is open.

Intellectual property is extremely valuable to your business, but it is really vulnerable to theft.  Think about your product design plans or maybe your trade secrets or product roadmaps.  Anyone could copy and paste that information into an email and send it to anyone, take a screen shot and text it to a friend or print it and walk out the door with a piece of paper.  If you’ve followed our first webinar “Overcoming Unstructured Data Security and Privacy Choke Points“, you will hopefully be thinking about getting your first line of defense, or your foundation built.  In our next webinar,  “How Granular Access Controls and User Behavior Analytics Close the Gap on Insider Threat” on Wednesday, August 7, 2019 at 11:30 am EST, we “get granular” about granular access controls.

 

Photo credit Kelli McClintock

Protect against insider threatsPicture it.  Your employees access sensitive and confidential customer information every day so they can do their jobs. Once the data leaves the protected confines of an information repository, file share or cloud-based service, your authorized users can share it with anyone, do anything with it and compromise your customer’s confidential information or your intellectual property.  As a result, you may be subject to regulatory fines, not to mention losing customers because they can’t trust you to maintain their confidentiality. And as for IP?  It could get in the hands of your competition, threatening your business.

What do you need to do?  You need to persistently protect confidential data so that customer information and your IP is protected regardless of where it goes and who has it.  Through a file-centric approach, you need to close the security gap that allows you to share sensitive data with unauthorized users by applying granular access controls to sensitive data.  Without granular access controls, you can’t prevent a user from copying data from a file and pasting it into an email, for example.  If you only encrypt a file and do not prevent copy and paste or printing, a user can easily compromise security. 

Picture it.  When you hire an employee, you are trusting them to always have the best interest of the company at heart. The employee trusts that the company will help them reach their goals in terms of career and advancement. Trust should be a two way street.  But in the former, it isn’t always black and white, because we know two things:

  1.  No one is infallible
  2.  Malice exists

To elaborate further… not so much on “No one is infallible” because we all know, mistakes happen.  Information can be accidentally sent to the wrong person through email either internal or external to the organization.   But for the sake of statistics and surveys, IBM recently published a study and cites that “…inadvertent breaches from human error and system glitches were still the cause for nearly half  (49%) of the data breaches in the report, costing companies over $3 million. 

But maliciousness, unfortunately is a reality.  Clear examples of why data may fall victim to exposure include:

  • The employee who gets let go   
  • The employee who leaves the organization because they feel they are being treated unfairly
  • The employee who decides they can advance their career by taking intellectual property or trade secrets to the competition 

As an organization, you can mitigate these risks by applying granular access controls and utilizing user behavior analytics.  This is the topic of my next webinar, “How Granular Access Controls and User Behavior Analytics Close the Gap on Insider Threat” on Wednesday, August 7, 2019 at 11:30 am EST.   If you have an interest in protecting your sensitive and private data, you should.

Photo credit Arlington Research 

Categories
fasoo_logo
Contact Us
Your data security journey starts from here!
See how Fasoo can help your data privacy and security.