Data is the lifeblood of many organisations. Whether it is represented digitally or physically, it is a critical component in the success of a business. Users who work with and create data learn to understand its value, which can create a problem when they decide to leave a company. A 2015 study performed by a US security provider found that 25% of respondents admitted that they took data when leaving a company. Stolen data can include things like application code, passwords, credit card numbers and other confidential information. In the wrong hands, this can have a devastating impact on a business.
While not an exhaustive list, the following 7 points provide a guide to reduce the chances of data theft within your organisation:
Encrypt everything – Encryption is the process of converting data into a format that is only understood by authorised parties. By implementing encryption methods across your infrastructure to protect data both at rest and in transit you can significantly reduce the chances of unauthorised interception and theft. Encryption should not only be enforced in the datacentre – it can extend to end user devices as well. Laptops can often be left in the back of a taxi, or even stolen from an airport security scanner. If encrypted, the thief will have a very difficult time extracting any meaningful data.
Security Groups/Access Control Lists (ACLs) – Restrict access to data using controls within operating systems, network devices, etc. This ensures the data is only available to those who really need it. One method of controlling and maintaining accurate ACLs is to introduce user ‘Role Based Provisioning’, where a user is only provided access to data and applications based on their role. By defining the roles in the organisation in this manner, you ensure a consistent approach to data security.
Digital Rights Management – This is a method of controlling not only who has access to data but also how the data is to be consumed. It also allows for the tracking and classification of data. For example, Microsoft has recently introduced Azure Information Protection, which includes features that can prevent Microsoft Office documents and emails from being sent or forwarded to unauthorised parties.
Network Access Control – In the tech world this is commonly referred to as ‘802.1X’, referring to the IEEE networking standard. This is a standard that provides an authentication mechanism for devices that are attempting to connect to the network, whether they are on wired or wireless connections. In plain English, this means that a device cannot connect to the corporate network until it has successfully authenticated. By supplementing this with auditing controls you can get a very good understanding of where and how users are accessing the network.
Content Filtering – With an abundance of cloud storage services available for free, it has become very easy for data theft to occur over regular HTTP/internet traffic. This kind of theft can be more difficult to detect using traditional auditing techniques. With content filtering in place on the network, access to these cloud storage websites can be restricted. The extensive logging capabilities of these solutions also ensure that attempts to access cloud storage and similar services can be tracked.
Auditing – With appropriate logging and alerting in place, you may detect suspicious activity before a theft has even taken place. Auditing of user logons, file and folder access, applications and even USB device connectivity can alert security teams that unauthorised or suspicious activity is taking place on the network and allow them to act.
Data loss prevention software – Specialised software is available that can enforce policies based on many of the controls mentioned above to prevent the unauthorised transmission of data. This software can be located on end-user devices, servers or even within the cloud. This solution can often simplify the process of securing your environment against data loss by providing a single management interface as well as extensive reporting capabilities so that you can track user behaviours and data movements.
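The following added example, which is not part of the original article or taken from any product, shows one way the file-access and USB-connection audit events mentioned under Auditing can be correlated into an alert. The log format, event names, thresholds and function names are assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit records (timestamp, user, event, detail); the format
# is an assumption for this example, not the output of any particular product.
SAMPLE_LOG = """\
2024-03-01T09:02:10 alice FILE_READ /finance/q1.xlsx
2024-03-01T17:41:00 bob USB_CONNECT mass-storage
2024-03-01T17:42:10 bob FILE_READ /src/billing/app.py
2024-03-01T17:42:40 bob FILE_READ /src/billing/db.py
2024-03-01T17:43:05 bob FILE_READ /finance/cards.csv
2024-03-01T17:44:30 bob FILE_READ /hr/salaries.xlsx
2024-03-02T10:00:00 carol USB_CONNECT mass-storage
2024-03-02T10:01:00 carol FILE_READ /marketing/logo.png
"""

def parse(log_text):
    """Yield (timestamp, user, event, detail) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3]

def usb_bulk_read_alerts(log_text, window_minutes=10, min_files=3):
    """Flag users who read many distinct files close to a USB storage connection."""
    window = timedelta(minutes=window_minutes)
    usb, reads = defaultdict(list), defaultdict(list)
    for ts, user, event, detail in parse(log_text):
        if event == "USB_CONNECT":
            usb[user].append(ts)
        elif event == "FILE_READ":
            reads[user].append((ts, detail))
    alerts = []
    for user, connects in usb.items():
        for connected_at in connects:
            # Distinct files this user read within the window around the connect.
            files = sorted({path for ts, path in reads[user]
                            if abs(ts - connected_at) <= window})
            if len(files) >= min_files:
                alerts.append({"user": user, "usb_at": connected_at.isoformat(),
                               "files": files})
    return alerts

if __name__ == "__main__":
    print(usb_bulk_read_alerts(SAMPLE_LOG))
```

The window and file-count threshold are tuning parameters: a single file read next to a USB connection (carol in the sample) stays below the default threshold, while a burst of reads across unrelated folders (bob) is reported.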
If you have concerns about the security of your data, get in touch with the team at Starboard IT. We can assist with data loss prevention strategies to identify and mitigate risks to ensure your data stays safe.