The most common reason for data being leaked is unintended errors by employees, resulting in 18% of data breaches.
Where do you start?
As a security professional it is your responsibility to reduce risk from data leakage and maintain compliance with industry regulations, but where do you start?
The first step is to develop a strategy that balances the need for high business productivity with strong IT security. Focus your strategy on these three critical areas:
The first step in minimizing risk from data leakage is to know where your data is. How much is stored in your own datacenter (LAN)? How much is stored on user devices? And how much is stored in the cloud? Understanding how much of your data ends up in the cloud and where that data is physically stored is of growing importance as strict data protection laws demand a certain level of control of how sensitive data is secured and have led to agreements such as Privacy Shield or the upcoming EU General Data Protection Regulation. Cloud Application Control can help provide this visibility so you can determine where your organization is at risk.
Weak or stolen passwords are exploited in more than 60% of all network breaches*, so it is vital that you keep the access to your data under tight control by having strong user authentication in place. Multi-factor authentication ensures that your data is no longer accessible to anyone with just a password. This reduces your attack surface, helps maintain compliance, and minimizes the risk of data leakage significantly.
* Source: DBIR 2016.Explore Multi-Factor Authentication
Once you have visibility into how data is accessed and shared you can begin to address the issues making your business vulnerable to data leakage. For example if some employees use unsanctioned apps like Dropbox to share data externally, then your team can work to make sure there is a secure sanctioned alternative like e.g. Citrix ShareFile with strong user authentication.
Another example could be if you discover that certain employees are sharing work files via unsanctioned instant messaging applications. You can address this potential data leak with Cloud Application Control and easily disable the specific function within the app to upload files but without blocking the app altogether.
These valuable insights into typical data sharing behavior allow you to implement effective security policies, suggest alternative applications, and educate users on the risks of data leakage.Explore Cloud Application Control