Picture it. Your employees access sensitive and confidential customer information every day so they can do their jobs. Once the data leaves the protected confines of an information repository, file share or cloud-based service, your authorized users can share it with anyone, do anything with it and compromise your customer’s confidential information or your intellectual property. As a result, you may be subject to regulatory fines, not to mention losing customers because they can’t trust you to maintain their confidentiality. And as for IP? It could get in the hands of your competition, threatening your business.
What do you need to do? You need to persistently protect confidential data so that customer information and your IP is protected regardless of where it goes and who has it. Through a file-centric approach, you need to close the security gap that allows you to share sensitive data with unauthorized users by applying granular access controls to sensitive data. Without granular access controls, you can’t prevent a user from copying data from a file and pasting it into an email, for example. If you only encrypt a file and do not prevent copy and paste or printing, a user can easily compromise security.
Picture it. When you hire an employee, you are trusting them to always have the best interest of the company at heart. The employee trusts that the company will help them reach their goals in terms of career and advancement. Trust should be a two way street. But in the former, it isn’t always black and white, because we know two things:
- No one is infallible
- Malice exists
To elaborate further… not so much on “No one is infallible” because we all know, mistakes happen. Information can be accidentally sent to the wrong person through email either internal or external to the organization. But for the sake of statistics and surveys, IBM recently published a study and cites that “…inadvertent breaches from human error and system glitches were still the cause for nearly half (49%) of the data breaches in the report, costing companies over $3 million.
But maliciousness, unfortunately is a reality. Clear examples of why data may fall victim to exposure include:
- The employee who gets let go
- The employee who leaves the organization because they feel they are being treated unfairly
- The employee who decides they can advance their career by taking intellectual property or trade secrets to the competition
As an organization, you can mitigate these risks by applying granular access controls and utilizing user behavior analytics. This is the topic of my next webinar, “How Granular Access Controls and User Behavior Analytics Close the Gap on Insider Threat” on Wednesday, August 7, 2019 at 11:30 am EST. If you have an interest in protecting your sensitive and private data, you should.
Photo credit Arlington Research