Search
Advertisement

Business

Regulatory Resource   Threat Intelligence      Resilient IT      Boardroom Strategies      
Threat Intelligence / Strategies

Getting Smart About Data Loss Prevention

By Stacey McDaniel

Today’s mobile technology environment has had a profound effect on how businesses protect confidential and proprietary information. In fact, current trends in technology are essentially forcing businesses to shift their security approach from putting up walls around their infrastructure to finding ways to control the access and use of data while still making it available to those who need it. In addition, the string of high-profile breaches in the past year has made businesses of all sizes acutely aware of their need for a more comprehensive approach to truly protecting their data.

Since almost all businesses fall under some kind of regulatory or corporate mandate to protect private information, the absence of well-defined data protection policies and an enforcement plan can put organizations at huge financial risk and cause substantial reputation damage.

Mobile targets
Today’s workforce is increasingly mobile, and that means that more workers are using a wide range of mobile devices to access business data over insecure public and home networks -- all potential sources of data leaks. Thus, the challenge that businesses face is to keep their information widely available while at the same time asserting control over how it is being used and who has access to it.

In fact, a 2007 Gartner report identifies the influx of consumer-based technology into the workplace -- i.e. IM, social networking sites and USB devices -- as the biggest threat to a company’s security. Specifically, the report names four technologies that present the most risk:

  • USB devices The practice of downloading sensitive business data on devices such as portable memory sticks and MP3 players poses a substantial security risk. However, most businesses find it increasingly difficult or impractical to ban the use of such devices. In the absence of an outright ban, businesses should take precautions to limit the risks of these devices.
  • Social networks An increasing number of employees now post to blogs and participate in social networks and other Web 2.0 applications, both inside and outside the workplace. To protect intellectual property and other important data, businesses need to adopt clear policies on how sensitive information should be handled on blogs and social networking sites.
  • Mobile devices Today’s smart phones can be used like computers, but have increasingly become the target of malicious attacks. Without stringent compliance with security policies, the use of mobile devices can place confidential business data at risk.
  • Remote connectivity Allowing employees to connect to business resources from remote locations increases productivity and saves costs for many businesses, but it also means that many workers are accessing corporate data over insecure public and home networks.

The need for a comprehensive approach
A carefully thought-out and comprehensive approach to data protection starts with businesses asking the following questions:

  • Where is the data of the business stored?
  • How do the employees, partners and customers use it?
  • Is the information being downloaded on USB drives and other portable devices?
  • Is proprietary or confidential information being sent via email?
  • Is there a clear company policy regarding how sensitive information should be handled, and if so, how is it enforced?

Recent studies show that email and other messaging applications store as much as 75% of a company’s intellectual property. Data loss prevention tools can help businesses protect their confidential and proprietary information in today’s mobile technology environment.

Conclusion
The growing popularity of consumer technologies in the workplace is a constant challenge to the traditional security models of businesses. At the same time, a spate of recent high-profile data breaches is keeping the heat on businesses to find ways to control this complex security problem. As businesses continue to face unrelenting pressure to protect their data, security solutions and tools can help businesses of all sizes protect their confidential and proprietary information in today’s mobile technology environment.

 

Stacey McDaniel has been writing about high-tech issues for more than six years.

CIO Strategy Center is a daily editorial resource offering innovative insights and strategies for building an integrated, secure and resilient IT infrastructure.

Articles by Topic
Spam and Viruses
Preparedness
Strategies
Related Content

Features

View More


Metrics

View More

Fast Fact

Today’s workforce is increasingly mobile, and that means more workers are using a wide range of mobile devices to access business data over insecure public and home networks -- all potential sources of data leaks. Thus, the challenge that businesses face is to keep their information widely available while at the same time asserting control over how it is being used and who has access to it.
Sponsor Tools

Resources

White Papers

View More


Podcast Audio Content

CIO Strategy Center is now available in audio format.

This week's feature topic is:


Cyberthieves Turning to More Invasive Approaches
Playtime: 8 min 53 sec



Download | Subscribe

Copyright © 2008 Studio One Networks. All rights reserved.

© MMVIII, CBS Broadcasting Inc. All Rights Reserved.