What are the most likely catalysts for data leakage? IT departments may now have entered a perfect storm of risks, emanating from rising use of cloud services, increasingly fragmented device fleets and ongoing consumerization trends in both software and hardware usage. As a result, many leaks occur accidentally, and total incidents have been ballooning in both frequency and scale over the past decade. An endpoint security and control strategy that combines technically precise monitoring tools with adequate employee awareness is the only way for organizations to protect themselves in the current threat-ridden environment.
Corporate applications like email services are often much slower, albeit more secure, than their consumer counterparts and perform less ideally outside the confines of the company network. Accordingly, employees often resort to popular commercial webmail services that run well in nearly any environment, and this universality pairs well with the self-supplied hardware, especially smartphones and tablets, which they use for both business and leisure activities.
IT departments must improve file tracking visibility
By doing so, workers create many endpoint security risks tied to the unsecured movement of files, although some fault lies with IT departments that have not adopted comprehensive monitoring tools. According to a IPSwitch survey summarized by CIO.com’s Rich Hein, departments often fail to keep tabs on activity from personal email accounts used on their networks. An older study found that more than 70 percent of IT executives had no visibility into file movements within their organizations.
By doing so, workers create many endpoint security risks tied to the unsecured movement of files, although some fault lies with IT departments that have not adopted comprehensive monitoring tools. According to a IPSwitch survey summarized by CIO.com’s Rich Hein, departments often fail to keep tabs on activity from personal email accounts used on their networks. An older study found that more than 70 percent of IT executives had no visibility into file movements within their organizations.
Aside from better performance speed, employees may use personal accounts to share large files that would otherwise be blocked by corporate email restrictions. Consumer cloud services like Dropbox have complicated data loss prevention efforts because of their similar facility with large file transfers, which users may tap into using an inter-app “Open In” button that is not properly secured.
“Opening documents in third-party applications presents some unique challenges related to putting corporate data at risk,” Fiberlink security officer David Lingenfelter, whose organization also conducted a survey on data leakage risks, told Hein. “The first risk is sharing data with third parties, including applications like Facebook and Dropbox. While employees may naturally use caution when forwarding emails, the ‘Open In’ functionality is much less obvious, and they may be leaking data using ‘Open In’ unintentionally.”
BYOD and lost devices
Endpoint management must also address a dizzying range of at-risk hardware. Hein cited a security study that found that 62 percent of IT employees believed it was okay to put corporate files on their personal devices, and that most of them never deleted these items.
Endpoint management must also address a dizzying range of at-risk hardware. Hein cited a security study that found that 62 percent of IT employees believed it was okay to put corporate files on their personal devices, and that most of them never deleted these items.
USB thumb drives are a common way to improperly move files, with 33 percent of Fiberlink survey respondents stating that they had lost a drive containing confidential information. However, security executives have to be aware of smartphones and tablets with increasingly large storage capacities supplemented by consumer clouds. Over half of respondents admitted to using such devices for work. Without remote wipe capability, a lost mobile device can translate into major financial and IP-related damage.
No comments:
Post a Comment