Tuesday, Feb 09, 2021

For the Love of Data

Starting back around Valentine’s Day 2020, many businesses around the world sent employees to work from home. This year, the pendulum is swinging back, with some organizations looking at doing a “partial return” in which people split their time between home and the office. Thankfully, nearly ubiquitous internet broadband and widespread adoption of cloud-based productivity tools has made working remote far easier than it could have been. But it hasn’t come without some risks.

Enable Remote Working for the Long-Term: Ditch the VPN, Keep the Apps

With the traditional security perimeter all but dissolved, data has become very difficult to protect. We saw a big spike in COVID-related phishing and other cyberattacks. And the amount of potentially sensitive employee, business and customer data now sitting on employees’ laptops and in cloud applications represents an almost “too-good-to-be-true” target for malicious hackers. It’ll be some time before we realize the full extent of the damage.

If you love your data, do NOT set it free

With company data now being distributed across so many devices and touchpoints, enforcing consistent data security policies no matter where people are working has never been more crucial.

A few key areas of concern:

  • Home internet routers are easy to hack so that network traffic is exposed
  • Corporate VPNs can create productivity bottlenecks
  • An increase in email volume helps phishing and spoofing schemes blend in
  • Shadow IT is rampant, making controls for cloud apps more important than ever

To ensure business data is protected, CIOs and CISOs should ask themselves and their employees a few questions:

  1. How is sensitive data being accessed?
     
  2. Which applications are being used?
     
  3. What devices and networks are being used?
     
  4. Is company data getting copied onto personal devices?

The answers often reveal potential bottlenecks and security exposures in the company. To reduce the risks, here are a few measures organizations can put in place to keep their data safer:

  1. Set up a document security policy: Establish guidelines that employees can follow when naming files, creating folders, setting up access, saving files, and sharing files. This makes it easier for people to identify sensitive data and handle it properly, so that accidents that can lead to leaks and data privacy compliance violations are less likely to happen.
     
  2. Establish a remote work security policy: Processes must be put in place so that no matter where your employees work, there is consistency in the way they work, coordinate and communicate. More often than not, it is the irregularities that cause data to get compromised as users may not immediately recognize the dangers that exist when accessing and sharing data remotely.
     
  3. Embrace the cloud: Wherever possible, make sure all business data and documents are on company-controlled cloud storage (rather than individual devices or personal file sharing services) with specific instructions on how and where to save files on the cloud. Sanctioned cloud applications should be monitored so that security policies can be applied to data stored in them.
     
  4. Backup employee devices: There could be various instances of network failure or other reasons data might be lost or compromised. Therefore, ensure that employees are always backing up their files even if it is automatic, or working off of cloud-native apps.
     
  5. Centralize communication: Instead of mixing different email, instant messaging and video conferencing services for internal communication, consider consolidating to keep communications centralized. Microsoft Teams, one of the fastest-growing cloud-based collaboration systems, provides chat, group chats, video calls and more. It is also connected to OneDrive, keeping all files in one place and making them easily shareable and controllable within an organization.
     
  6. Require explicit permission at all access points: This may seem to be a very simple suggestion, but make sure people have to be specifically authorized to get to the items they need. This is the principle of Zero Trust that we are writing a whole series of blog posts about.
     

With people and data now operating outside the traditional business boundaries, it’s more important than ever to take the right steps to keep them protected without sacrificing productivity. For tips on how to source, handle, maintain and protect your data against existing and future threats, watch our webinar Ditch the VPN, Keep the Apps. Enjoy!

About the Author

Jim Fulton

Jim Fulton is Forcepoint’s Director of SASE and Zero Trust solutions. He has been developing and delivering enterprise access and security products for more than 20 years in both Austin and Silicon Valley. He holds a degree in Computer Science from MIT.