Wisegate, a crowdsource IT advisory and research group, recently conducted a survey of senior IT professionals on the state of IT security. The results of this survey, shared on CSO Online, show that BYOD and the cloud are having the greatest impact on IT security planning, forcing a shift from protecting devices to protecting data.
The Wisegate report shows that 80% of respondents believe their top security risks (malware, data breaches and outsider threat) are increasing in the industry, but more interestingly, that the risks associated with malware and data breaches are likely to get worse because of BYOD and the increased use of cloud technology.
Many organizations currently struggle managing the onslaught of devices, trying to patch together systems to lock down devices or access to cloud services, a posture which inevitably both has cracks and the potential for employees to circumvent them. As the Wisegate survey notes, about 50% of organizations lack reporting procedures to measure existing security programs, so it becomes difficult to know if these programs are working or being circumvented. For example, what good is encryption if it can be bypassed?
This paradigm shift toward data-centric security management focuses on protecting corporate data and apps, no matter where it resides. At Absolute, we have been advocating for this same shift, further defining it as one that is user-centric, an approach that focuses on the end user and how they are using the device. By managing the data, and the risk at the user level, you have a stronger and more manageable security solution.
A user-centric approach to data security considers technology, internal processes and user education in the following ways:
- Focus on who has the most data access – employees accessing sensitive intellectual property, customer information, or proprietary content are the highest risk, since the regulatory and financial consequences of a data breach are most severe with this use case.
- Authenticate and audit data access for these employees frequently.
- Use a Data Loss Prevention (DLP) tool to ensure no one is accessing data outside of their normal responsibilities. If unauthorized access occurs, create restrictions and even revoke access in cases where it is warranted.
- Create automatic alerts if a device is modified – If a user’s device status is modified (unrecognized IP address, change in physical location, etc.) the system should automatically alert the security team, who should then be empowered to take action. Endpoint controls should include the ability to remotely lock the device or even selectively delete data from it.
Absolute Computrace can provide the endpoint controls necessary to constantly monitor the status of an endpoint, flagging suspicious activity when it’s detected. Moreover, persistent endpoint security technology to ensure that security software reinstalls if it is removed or damaged and will allow you to run encryption and anti-virus status reports to prove these solutions were in place and operational, an important element to prove data security compliance.