Before our current situation, you and your teams may have implemented a comprehensive data protection plan. The scope of change businesses are currently facing is something none of us could have predicted. These changes will continue to impact how we work in the future. How can you be sure your data protection strategy can support this new way of working?
It’s a question many organizations are asking. Times of massive change often set the stage for reassessment. At Forcepoint, here’s some things we think about when creating or refining any data protection strategy.
More employees working remote most likely means an increased reliance on cloud services and applications. Modern data protection strategies focus on supporting users where they are. That means devising a plan that protects data on premises and in the cloud; and one that protects data being accessed from multiple hardware devices and a host of new cloud applications.
The whiteboard below shows the different channels that need to accounted for in your data protection strategy. As business evolves the usage and policies around these channels require careful consideration and need to be updated accordingly. With more employees working remotely, some channels such as cloud storage, cloud SaaS (including video conferencing apps), chat/IM or other collaboration tools will drive more activity while others may stay the same (like email) or perhaps see reduced activity (like printers or USBs). Policies which can be implemented over every channel including on-premises and cloud will allow you to deploy once and leverage across all channels.
Sensitive data movement could then be altered due to the change in employee behavior patterns and applications used – factors affecting which may include less physical oversight or simply due to new workflows put in place. Technologies like data fingerprinting become increasingly critical because of this trend. Here is a video showcasing how data fingerprinting works:
Employees performing tasks remotely, like sharing customer credit card numbers or other sensitive/confidential data over email or other channels, can be blocked using DLP policies. These can be low and slow data theft attempts where a user does not send all the sensitive data at once but instead tries to sneak under that radar. We can leverage DLP policies which aggregate the activity over time and stop the behavior as soon as it is considered malicious. These policies still allow good employees to be productive as it is not a static blocking policy impacting everyone working with sensitive data. Here is a video showcasing this example:
Employees working remotely might also leverage file-sharing or cloud storage apps via personal accounts (shadow IT) for convenience. Typically, employees are not malicious; they are simply focused on being productive. However, this behavior prioritizes productivity over security. A DLP solution which encompasses cloud apps and works seamlessly with CASB is essential.
If you have a DLP solution deployed, chances are these strategies can be implemented fairly quickly with no additional or significant cost. Our solution experts can help with your specific reassessment plan.
Protect your remote workforce in today’s environment – learn more here.