Data breaches and leaks have become some of the most prevalent cybersecurity issues faced by organizations. Last year was one of the most destructive years on record for data loss. Breaches, like the ones experienced by Equifax and Facebook, can have serious financial consequences, not to mention losing the trust of the public and their customers. The true toll data loss can inflict on organizations isn’t often fully realized until much later.
Preventing data loss is quickly becoming one of the most important issues for organizations. Data Loss Prevention (DLP) is a strategy employed by organizations to ensure end users are not accidentally or intentionally sending sensitive information outside of the corporate network. The development of a strong DLP strategy is designed to thoroughly categorize and safeguard information critical to the organization. Between external phishing attempts and internal users operating out of malice, adoption of DLP strategies is being driven by a variety of threats.
Before developing a DLP strategy, it is crucial for organizations to know, and understand, where data is located internally. From a risk management and cybersecurity perspective, organizational data falls into three distinct categories:
- Data At Rest – consists of inactive data stored on any device or network, including hard drives, USB thumb drives, print and hard copy reports, and databases. This type of data is significantly less vulnerable compared to the other two categories.
- Data In Motion – consists of data that flows through an untrusted network (i.e. the Internet), or data that flows through the confines of a private network (i.e. Local Area Network). This type of data is anything that goes through social media outlets, emails, or file transfers.
- Data In Use – consists of data that is not being passively stored in a stable environment, which is any type of data that is currently in the process of being generated, updated, erased, or viewed. Location instances of this type of data include mobile devices, data warehouses, servers, and personal workstations.
A Joint Effort
Successful DLP strategies must be a collaborative effort between the IT department and the management of an organization. Like any risk management and cybersecurity issue, data loss is not an isolated element. It should not be restricted solely as an effort conducted by the internal IT department of an organization. In order to successfully prepare for and prevent data loss, the organization has to work collectively as a cohesive unit with open lines of communication. A strong collaboration between the IT department, business management and various other departments can help identify vulnerable areas within key business processes. Vulnerable areas that otherwise would have gone unnoticed or unknown by the IT department.
Regular users of the data have the best understanding of the associated risks and potential impact on the security of the organization if the data were compromised. By including all departments, threats and risk factors can be discussed openly and funds are more likely to be allocated appropriately to ensure critical data is protected completely and accurately.
Working together, IT and management should consider common methods of DLP security. All three different types of data are vulnerable to varying degrees, so a strong DLP strategy needs to ensure all are protected by regularly scanning local drives and monitoring file movements – both internally and externally. The joint effort also needs to observe social media channels, scan incoming and outgoing emails, and watch usage of mobile devices.
Organizations that choose to operate a DLP strategy solely through their IT department does so at a tremendous risk. One of the main areas of weakness when it comes to data loss is noninclusive behavior. Leaving management and other departments out of the security protocols and decision-making process creates significant gaps. Business leaders should be aware of the people, process, and technology around the data.
Some causes of data loss in which organizational management may have insight into are:
- Intentional and unintentional data loss – this includes issues like inadequate training, sharing work devices without permission, and leaving sensitive data unattended; as well as exposing or stealing data and compromising IT protective measures.
- Negligence and poor oversight – consists of leaving data unprotected, responding insufficiently to physical or cyber-intrusions, and not closing unnecessary service accounts or terminating users.
- Limitations of tools and systems – entails insight into remote access tools not being flexible enough, limitations of vendor based products, and regular software updates and patching.
- Design and implementation problems – involves awareness of poor system programming and design, a lack of flexibility in remote connectivity, and poor policy procedures and execution.
Collaboration between the IT department and management is essential for a successful implementation of a DLP program. With management’s approval and oversight, it ensures the appropriate representatives of the related departments were identified and involved completely and accurately. Further, management can assure the DLP strategy aligns with the organization’s mission and goals.
As technology continues to progress, malicious attacks will be able to breach networks more easily. IT and business management must put their best foot forward in working together to help protect the enterprise’s sensitive data. Even when stakeholders understand the risk and the necessity of action, the expertise to do so may not always be available.
With SC&H Group’s Risk Management Services, you can fully address your organization’s risk profile and enhance your business performance.