While today’s data breaches may differ in terms of attack type and origin, they all produce the same result – significant data loss. Data is the lifeblood of most modern companies and the long-term negative impact on those who suffer breaches demonstrates just how serious the issue of data loss has become today. But as hackers continue to get smarter and more persistent, what can companies do to protect their information? Below are five recommendations that will help your company keep its sensitive data out of the wrong hands.
- Identify Where Sensitive Data is at Risk
- Don't Rely on the Traditional Network Security Focus
These inevitable holes mean the network will always be vulnerable to attackers. Add to this the fact that many employees operate in a mobile environment and demand access to sensitive information on their phones and tablets, devices that traditional network security measures don’t protect. A layered approach to security is becoming increasingly important for companies, with device-focused technologies such as mobile device management (MDM) playing a pivotal role.
- Focus on Data Protection Solutions
Several proven data protection solutions on the market ensure security travels with the data. Called data loss prevention (DLP), these types of solution help classify data, put a usage policy against it and strictly enforce it. But DLP is no longer optional for any company wanting to protect sensitive customer data. This is the reality of the environment in which we now live and work.
If you make it fractionally harder to steal sensitive information, or render data useless once outside the network, attackers will move to another company that presents an easier target. Several leading analyst companies, including the above mentioned Forrester, are changing the conversation when it comes to data protection. As data remains the target and its attack surface continues to grow larger than ever before, protecting that data must be at the core of any company’s security approach.
- Consider Outsourcing your Data Protection
- Go Beyond Traditional Security Training with Positive Social Engineering
Customers and business partners will increasingly demand that companies show proof of ongoing security and monitoring to protect sensitive data. The security of the information supply chain is gaining traction within IT security circles and companies are realising that the weakest link in their security posture may not be within their perimeter walls but rather inside the walls of those they choose to do business with. If you follow these steps, not only will you be able to demonstrate how you’re protecting their data, you’ll also be in a position to use your advanced security posture as a differentiator with new customers.
By Mark Stevens, Senior Vice President, Global Services at Digital Guardian