Compass (2)

The data landscape is constantly evolving. Whether it is due to recent high profile security breaches or the threat of DDOS attacks, businesses are constantly reminded of the consequences of failing to protect their data. Navigating this environment and choosing the right solutions will require an understanding of business operations, and an organisation’s own IT landscape.

Ultimately IT is there to support, compliment and drive business activity, so ensuring the efficiency of security tools is essential. When determining how to best protect data, there are three things that you should prioritize – maintaining productivity, understanding security needs, and staying focused on what is best for your organisation – which in turn will ultimately help you navigate the landscape most easily and effectively.

  1. Maintain Productivity
Employee-caused data breaches are on the rise. In many cases, the issue is not a malicious one; most internal breaches are caused by accident or by a lack of awareness of best security practices. A failure to use an encrypted USB to carry confidential files, which 63 percent of workers have admitted to doing, is one such potential cause.

Of course, errors can be difficult to prevent. However, we’ve found that when employees don’t use a prescribed tool, the organisation’s existing data transfer solution likely lacks a user-friendly interface or contains unwieldly features and is partially to blame for the data leak. No matter how much safer or compliant new technology may be, if there is another quicker or easier option, then it can be incredibly difficult to keep staff motivated to use safer alternatives. Companies without the functional means to make day-to-day activity secure are likely to see greater numbers of security breaches as a result of employees taking largely unnecessary (and unknowing) risks in order to save time.

Simply providing employee-friendly technology, such as an easy-to-use managed file transfer system and encrypted USBs, can motivate employees to use appropriate means to transferring files and remain in compliance with company governance.

  1. Evaluate security needs
Before investing in any enterprise level IT product, organisations must define their priorities and needs. Who will use it, how often, when?

In the data security space, determining these specific needs will enable an organisation to evaluate both the network capacity and type of solution they require to ensure the safe passage of information. Ranking data can be a good first step. There is little point, for example, protecting £10 worth of information with a £100 security package. Equally, there could be particular departments such as finance, with their own specific requirements outlined in industry or government compliance mandates and protocols.

Ranking data involves matching the purpose of the security technology with the types of files that will be transferred (e.g., DOCX, PDF). Consider which permissions are necessary for everyday business processes, and how much of the information involved is sensitive in nature. The process will make clearer how to approach tightening data security across your organisation and where it is most required.

  1. Pick what suits your organisation: cloud, on-premises or hybrid
A large part of agreeing on an approach to data security involves deciding between cloud, hybrid and on-premises transfer deployments. The decision is no longer about which is more secure. Each has its own benefits, and requires an evaluation of business needs.

On-premises models offer the additional component of control over an organisation’s network, because they are deployed in house and provide the extra security of an organisation’s firewall. On the other hand, cloud models can be quickly deployed and scaled fast to meet changing needs, often making them more cost efficient as a result. Hybrid models combine the best of both these models, but ultimately it’s about what is right for your business. Look at how demand will grow and how much control you want to have over your staff, in order to help make a decision.

Ultimately navigating the data landscape doesn’t need to be as hard as many business leaders think it is. Approaching your data security step by step, focusing on maintaining productivity, evaluating your needs throughout, and in the end choosing something that best suits your organization will help determine the right solutions and policies needed. When threatened, the worst thing organisations can do is panic, which leads to overspending, confusion, and often missed opportunities. In short, take a step back and evaluate every move before you make it.

By Matt Goulet, Chief Operating Officer at Globalscape