Data Topics

Advertisement

Through the Data Lens: Protecting Data Privacy

By Ian Pitt on

Click to learn more about author Ian Pitt.

2020 presented some of the most unexpected challenges as the pandemic pushed many organizations to advance their digital transformation at an accelerated pace. With the guiding principle of “Own Your Privacy,” we celebrated Data Privacy Day in January, highlighting awareness, understanding, and action both for the organization and the user.

The remote workforce’s extraordinary increase of cloud usage and the continued rise in cyber threats posed security, technical, and productivity challenges for IT. While 82% of IT leaders felt they were prepared for the transition last year, the shift to a virtual workforce still required significant IT time and resources.

Today, one of the biggest challenges we continue to experience has to do with protecting one of the most important resources within the organization: its data. Whether it is customer or employee data, revenue numbers, or even intellectual property like product development specs, all of this information is very valuable and in the wrong hands could have serious consequences. 

Securing the New Enterprise Perimeter

Before the pandemic, traditional office settings were the primary form of work, with 75% of employees working in a physical office environment. Since March of 2020, 65% of employees moved to a virtual environment, creating a massive challenge for the enterprise that had to transition from traditional controls to new processes and technologies to protect corporate resources.

With the pandemic still playing a big role in day-to-day life, many organizations have realized permanent changes need to be made. From making the shift to work from anywhere a lasting policy, to adopting hybrid workforce models, one thing is inevitable – the conventional physical office perimeter has changed forever. Businesses need to embrace the new environment, and business plans will need to encompass new security policies, training road maps, and workplace security culture.

IT and security practices have to evolve. The increase of cyberattacks on users at home, the proliferation of online scams, shadow IT, and even something once thought so trivial like sharing data are all a big part of the threat landscape for an organization. Improving remote access, identity management, and security within new channels and communication tools used can provide the peace of mind many leaders are missing. But how can organizations get started? Here are some key considerations for keeping data from falling into the wrong hands:

  • Don’t underestimate the basics. When most of us transitioned to remote work, many organizations invested in the best collaboration tools and new security software. But having the best or most expensive features won’t be of any use if security best practices are not followed. More times than we care to admit, essential actions are forgotten. Software updates, patching when necessary, keeping firmware and anti-malware fully up to date and testing data backups can keep threat actors away – at least from trying to exploit known vulnerabilities. With the remote workforce, it is also important to track applications used to minimize open end points.
  • Make security a part of the corporate culture. It is no secret that human error can be the weakest link when it comes to cybersecurity. That’s why educating the workforce is one of the key steps to protecting data. Simple errors like reusing passwords, sharing credentials via email, or even storing corporate details in personal devices put the organization at risk for potential breaches. Employees must be made aware of what confidential and sensitive data they have access to, what would happen if they unintentionally leak that data, and the steps they can take to protect themselves and the company. Creating a “cyber-smart” workforce takes time, but continuous education can play a critical role in keeping the business safe.
  • Rely on access management. Educating the workforce is paramount, but we need to go one step further. Technologies like access management software give IT the needed visibility into user log-in activity, while also protecting employees. Specific tools, such as password management and single-sign-on, reduce the risk of potential unauthorized log-ins and allows IT teams to better understand how specific resources are being used. Sharing credentials through email or messaging platforms continues to be a big problem for organizations. Attackers often take advantage of this situation, knowing that people will continue to leverage these easy pathways. Providing employees with a secure password management application can eliminate this challenge.
  • Protect video meetings. Video meetings are the new, most common way of virtual communication, replacing traditional in-person meetings. It comes as no surprise that threat actors can also take advantage of meeting tools. Most major video conferencing providers now offer end-to-end encryption for meetings. Using this feature will create another layer of security, minimizing the risk of anyone outside the meeting having access to the conversation. Coupled with encryption, educating users to secure their communication with passwords is paramount. Something as simple as this can help improve a secure communication network.

Protecting Data Every Day

The new security perimeter has changed the way we understand data. 2020 showcased how far we’ve come, and how many more challenges we will need to face through 2021. Safeguarding data not only benefits the business, but also benefits customers and employees. Understand your new work environment, identify and enhance your basic security practices, rely on tools that will help gain visibility into your data, and engrain security within your workforce. Remember, data privacy is important all year round.

Leave a Reply