As the series of high-profile data breaches that defined 2014 shows, security is now a critical concern for enterprises in every industry. The network reliance and distributed nature of today’s enterprise IT environments—often encompassing both on-premises and cloud-based infrastructure and applications—and the need for today’s mobilized workers to access data and applications anytime and anywhere, mean that more and more corporate data tends to be available online, and more and more attack vectors are available for data thieves to use to steal it.
Moving in 2015, you may find that global security is top of mind for your customers, who may be worrying about all the data that is either stored or accessible away from corporate premises. To help your customers ensure global security of their sensitive or protected data, here are some tips.
1. Know what needs to be protected
It is the nature of data to proliferate, and at any organization, some data will be much more sensitive and in need of protection than others. The first step towards developing a comprehensive and effective global security strategy is understanding what data requires extra protections and what data doesn’t. Help your customers catalogue their data assets and prioritize them according to value, sensitivity and whatever regulatory requirements apply so that effort can be focused where it is needed.
2. Know (and control) where sensitive data can go
Data security these days must be global security due to the wide variety of places where any given piece of data can end up: on a cloud-based file sync and share server in a data center far from HQ, for example, or attached to an email that crosses a continent. Once data assets have been classified and prioritized, therefore, it is extremely important for enterprises to get a grip on where sensitive data can be sent. Data Loss Prevention (DLP) tools can prove helpful when it comes to controlling the spread of sensitive or protected information. An effective DLP tool will detect, document, and deter attempts to store or share sensitive data in ways that violate corporate policy. Work with your customer to decide whether DLP is necessary for them and to implement one that fits their needs.
3. Know (and control) who has access to sensitive data
When it comes to the most sensitive or protected data, enterprises should take a “need to know basis” approach to access. As few people as possible should have access to the information that needs to remain confidential: only those people who need it in order to fulfill their job functions. This is not only because of the risks that insider threats create, but also because of the risks of a privileged user’s account being compromised and an attacker using the user’s credentials to penetrate the enterprise. Work with your customers to create and implement strict access policies for the data that they must protect. In addition, educate your customers on the importance of strong passwords and safe Internet use in order to help them (and the company) avoid becoming victims of password and identity theft.
Global security threats can originate anywhere, at any time. Your customers are right to be concerned for the safety of the data assets they hold, whether those assets be customer credit card numbers or employee SSNs. By assisting your customers in coming up with a strategy to secure their information against outside attack, you position yourself as a trusted security advisor—a long-term relationship that can benefit both your business and those of your customers.