Cyber Security: More Important Than Ever
Cyber security and data protection is never not relevant, sadly. Every day the news sites are filled with more and more stories of high-profile data breaches and cyber-attacks.
Data breaches are more than just a time-consuming inconvenience – they can be extremely costly to your organisation. Not only can data breaches reduce a customer’s trust in an organisation, but data breaches can also rack up costly fines – particularly in the healthcare sector. Indeed, under the new EU General Data Protection Regulation legislation, companies can be fined up to £14.85 million, or up to 4% of annual worldwide revenue – whichever is greater.
The causes of these costly data breaches vary. Whilst most contain an element of human error, malware and insider-knowledge can also endanger an organisation’s data. Rolf Hass, Enterprise Technology Specialist at Intel Security says:
‘Over the next decade we will have, by a factor of 10, more IP addresses and things connected to the internet than we have humans on the planet. This is one of the biggest challenges facing security and it requires a different approach to traditional enterprise ‘office’ security.’
DLP: The Smart Way to Protect Your Data
Thankfully, there is an answer. And that answer is Data Loss Prevention – or DLP as it is often known.
At its core, DLP is very simple. It is simply a solution prevents unauthorised users from sending any and all data outside of the network. Indeed, as Trustmarque’s Mark Ebden puts it:
In order to make your DLP solution effective, however, it is crucial that data is classified and labelled appropriately, so that the most sensitive data is clearly identifiable. This process can be done either manually or automatically – but either way, it is essential. If data is not properly categorised, then organisations cannot expect to know which data needs the most protection.
DLP On the Go
Unfortunately, modern technology is making DLP trickier than it once was. Once, organisations only ha a handful of desktop computers to worry about. The rise of mobile working means that organisations now have to consider security for mobile devices.
The challenges of mobile security can in part be mitigated by implementing cloud systems which allows employees to access work-related information and data on the go without physically downloading files onto the device.
Of course, this means that any DLP solution that is implemented should be adapted for the Cloud, and organisations should ensure that they know exactly what data they have stored in the Cloud, and how they are protecting it. Rolf Hass, Intel Security says:
‘It’s about a combination of a DLP solution at the endpoint and hardened application or gateway control software to monitor applications and data, and prevent exfiltration.’
Ultimately, although security can be a scary issue to tackle, it’s not one that organisations can afford to avoid. If an organisation wants to remain secure, compliant, and trustworthy, it must implement a robust DPL solution that works in conjunction with a range of other security strategies. Failure to do so could mean the failure of a business.