For a long time, businesses have acknowledged employees as security threats instead of assets. While this is sometimes the case in today's highly sophisticated cybersecurity landscape, it doesn't necessarily need to be.
A recent report by Dark Reading said decision-makers can implement advanced document protection training programs that make insiders more aware of security threats, thereby reducing the potential damage employees can cause during a breach.
"The status quo doesn't work," security expert Aaron Cohen said, according to Dark Reading. "People look at buying hundreds of firewalls but not spending the appropriate amount of money training their employees or making sure their employees know how to protect their assets."
Furthermore, a data breach should not necessarily mean death for an organization. Instead, executives should use the incidents as a learning experience to determine which document security solutions are the most effective at minimizing damage.
As the digital world evolves and introduces new threats, executives need to adapt and deploy robust strategies that keep confidential resources protected, as failing to do so will likely force the company to pay unnecessary fines or experience a tarnished reputation. By properly training individuals in how to keep sensitive assets safe, businesses will improve their odds of success.
Companies are often responsible for managing large volumes of documents containing sensitive customer information but are sometimes swamped with issues that make it difficult to meet privacy and security requirements. Some other businesses simply don't prioritize document protection strategies.
In a study of roughly 6,400 security executives, Edelman revealed that more than half of respondents think their organization does not consider securing personal customer information a priority. Another 62 percent said they do not have the appropriate tools to keep sensitive data safe.
"With the growing level of consumer, media and regulatory attention currently focused on privacy, businesses simply cannot afford to risk the reputational and financial damage that may result from a lack of attention to this business-critical need," said Ben Boyd, global chair of corporate practice at Edelman. "Rather, we see an opportunity for businesses to grow confidence and trust in their brands through thoughtful privacy and data management."
By deploying access control tools, for example, decision-makers can guarantee only authorized individuals have the ability to view confidential resources, mitigating major privacy and security concerns. Executives should also teach employees how to safely use sensitive assets to avoid potentially devastating breaches.
The digital security landscape has always presented problems for small and medium-sized businesses (SMBs), but new research suggests this could be due to a lack of awareness of the potential dangers associated with breaches.
A new study of U.S. and U.K. SMBs by the Ponemon Institute on behalf of Faronics revealed that the proliferation of unstructured data, improper use of cloud services and unsecured access to mobile devices are among the top security concerns for organizations. Unfortunately, many decision-makers are not placing enough emphasis on document security initiatives.
"Although organizations have become more aware of potential threats, they do not seem to accurately perceive the repercussions associated with data breaches," said Dmitry Shesterin, vice president of product management at Faronics. "Findings indicate that organizations do not understand the full costs and damages they will suffer as a result of a data breach."
As cloud and mobile technologies continue to emerge, employees will inevitably access mission-critical resources outside the boundaries of traditional data centers. As a result, executives should deploy access control and other document protection tools to ensure authorized individuals view confidential assets in a secure manner, minimizing the chance of exposure.
Transformations in the private sector have made it more important that decision-makers change their traditional document protection strategies, as confidential information becoming exposed is never a good thing. In the past, companies could simply protect the data center to ensure mission-critical resources were safeguarded. Today, however, this is no longer the case.
Perimeter security initiatives now need to incorporate employee mobile devices and identities, according to a Dark Reading report. This is because innovative solutions enable individuals to access confidential resources from virtually anywhere, making it more difficult for IT departments to ensure only authorized personnel view sensitive documents.
Corporate executives should consider going on the offensive to mitigate risk, Dark Reading noted. In doing so, decision-makers will be able to monitor employee activity and charge anyone responsible for exposing sensitive information.
Another report, by CA Technologies, said companies should deploy identity and access management solutions to ensure document security initiatives are robust and effective. These strategies will become increasingly important as innovative services emerge and let individuals view confidential resources from virtually anywhere.
If companies neglect to adapt to change, they will likely find themselves neck-deep in trouble trying to maintain a secure work environment.
A new report by Infonetics Research noted that decision-makers are investing more heavily in security initiatives as the cloud, virtualization and other technologies emerge within the private sector. In fact, the market for data center security appliances is forecast to generate approximately $2.7 billion in revenue by 2016.
"A wave of new spending on data center security is underway. Service providers and enterprises are rebuilding data centers, and they need new security infrastructures to keep up with the performance requirements, network architectures, and threats brought about by the move to virtualization and the cloud," said Jeff Wilson, principal analyst for security at Infonetics Research.
Cloud computing, in particular, is dramatically increasing security vulnerabilities because of its ability to provide anytime access for employees. For this reason, decision-makers need to ensure they implement well-rounded document protection strategies to ensure only authorized individuals view confidential records.
As IT continues to evolve and introduce new opportunities for businesses around the world, companies that want to remain protected will need to deploy robust security initiatives to ensure mission-critical documents are not jeopardized during the use of next-generation solutions.
The ongoing use of cloud computing in the private sector has given companies the unique ability to perform business-related tasks from virtually anywhere. Unfortunately, the technology has also introduced some document security concerns, as the use of the cloud has made it harder for management to monitor who accesses what and when.
A recent Forrester Consulting study highlighted this issue, noting that roughly a third of businesses are migrating highly sensitive information to the cloud, despite ongoing security worries. For this reason, among others, decision-makers are adopting identity and access management programs to mitigate risk, though many are unsure if the policies will match their use of the cloud.
"This survey reveals that enterprises recognize the need for cloud identity and access management but they're concerned about their ability to integrate these capabilities within existing infrastructures," cloud identity expert Brian Czarny said.
A separate report by CloudTweaks said organizations using the cloud need to implement a two-factor authentication process for accessing confidential resources. In doing so, companies will be able to deploy more effective document protection strategies and keep sensitive assets safer.
The advent of cloud services has created a path to an expanded mobile workforce and easier access to mission-critical resources, enabling companies of all sizes to be more efficient. Unfortunately, the other side to this coin is that the anytime availability of assets has made it more difficult for IT departments and executives to monitor who is viewing what documents, when and why.
For this reason and others, decision-makers need to deploy document protection, encryption and identity management solutions when using the cloud, according to a report by Dark Reading.
"It boils down to the fact that a data breach is going to be an inevitable event – the strategy then has to shift to making a breach meaningless to the attackers and have zero impact to the business," digital security expert Mark Bower said, according to Dark Reading.
Document rights management and other access control initiatives can help alleviate some of the internal security pressure, as these strategies will put boundaries on available resources, only enabling authorized users to view sensitive documents. While these tools may not definitely prevent a breach from occurring, they can help minimize risk.
The adoption of cloud computing and mobile technologies has contributed to a phenomenon known as "information sprawl," in which large volumes of data are hosted outside the traditional data center. A recent study by Symantec noted that this occurrence is having a major impact on document protection strategies, as decision-makers are finding it more difficult to keep confidential solutions safe.
Francis deSouza, an executive at Symantec, said this is contributing to a major transformation in the private sector.
"With mobile devices and cloud giving employees access to information from nearly anywhere, we're also seeing more sensitive information living beyond the traditional IT boundaries," deSouza said. "This is creating concern about how to best protect this information."
Symantec noted that decision-makers need to change their document security initiatives and focus on protecting the information itself, rather than cloud environments or mobile devices. Executives must also recognize that not all data is created equal and some assets need to be more thoroughly secured than others.
By implementing document rights and other identity management technologies, companies may be able to minimize risk by limiting access to confidential resources. In doing so, organizations can adopt cloud and mobile technologies more wholeheartedly.
The consumerization of IT is impacting businesses in a number of ways, including giving decision-makers the ability to support remote working capabilities. However, bring-your-own-device (BYOD) initiatives that enable employees to use personal smartphones and tablets in the workplace are also introducing new document security risks.
A recent study of more than 740 IT executives by Webroot highlighted this concern, revealing that more than 80 percent of respondents said the use of mobile devices in the workplace has created a number of major security risks. Another half of decision-makers said BYOD programs have led to the consumption of more valuable IT resources.
Webroot noted that companies can avoid some of these issues by implementing robust usage policies and document protection tools that minimize unauthorized viewing of confidential records. Executives may also consider launching training programs that educate employees how to securely use smartphones and tablets for work-related tasks without jeopardizing the confidentiality of mission-critical information.
Another report by eSecurity Planet said decision-makers should consider implementing management tools that enable IT departments to monitor mobile device activity and resolve any vulnerabilities that emerge during the process.
Document security is a critical aspect of any organization. Leaving data unprotected can lead to the publication of intellectual property or the theft of clients' sensitive information – both of which can be devastating to a business.
However, despite these potential consequences, many businesses remain unprotected. A recent Mobilisafe study found that employees at small to medium size businesses (SMB) regularly use mobile devices that lack sufficient security measures, with 71 percent displaying operating system and application vulnerabilities. As bring your own device (BYOD) policies become more prevalent at businesses across the country, failure to adequately protect these devices may lead to serious document security issues.
Recognizing the risks of the growing BYOD trend, as well as organizations' increasing reliance on the cloud and other web technologies, NetworkWorld's Jon Oltsik argues that now, more than ever, it is important for businesses to implement document DRM strategies. As he points out, DRM allows an organization to control access to each of its documents on a case-by-case basis. By encrypting data, a business can protect its information, even if the file or device containing it somehow reaches an unauthorized individual.