Data Protection Best Practices for a New Remote Workforce Home Insights Blog Data Protection Best Practices for a New Remote Workforce August 18, 2020 Data Protection Best Practices for a New Remote Workforce Businesses must address risks associated with an expanding remote workforce. Getting started can be daunting, but in this guest post Forcepoint’s Romeo Gain outlines what you need to know to build an effective data protection action plan. Business leaders are grappling with the challenge of increasing numbers of remote or distributed employees who need secure access to sensitive data and internal resources to get their work done. The data protection challenges businesses face today are credible and arise from many sources, including malicious external or internal attackers and accidental data loss. Your data is the lifeblood of your company. You have compliance data, such as customer or employee records, and you have critical business data, such as intellectual property, that could include commercially sensitive information like pricing, contracts and formulas. Depending on your industry, there may be numerous compliance requirements and you may even conduct yearly audits to ensure they’re being met. As businesses grow and expand their employees and offices, their critical data has also increased and oftentimes is stored within online cloud solutions. Whether data is stored on your company’s protected network or at a third-party data center, visibility and protection of that data is important. Accessibility to your data is also a key consideration. When users are given rights to view and use your data, are they accessing the data from a company asset, a personal device or even a public device? How is the data being used? Is it being shared externally, taken from the cloud storage to an untrusted individual or is the data being copied onto a local USB device? Situations like these are where visibility and the ability to protect the data from exfiltration is paramount. Preparing a plan that provides visibility and control of your data, no matter where it may live, will help strengthen the protection of your sensitive information. When it comes to developing a data protection strategy in a volatile world, it isn’t enough to eliminate day-to-day challenges; it’s about making sure your strategy helps you effectively achieve your business goals. Policies should focus on people’s interactions with data, including endpoints, network storage, email, webmail and even personal devices and cloud apps that you don’t manage. Data protection goes well beyond simply tracking and blocking the movement of files. An effective data protection strategy starts with understanding who is accessing your data. Based on the user’s role in the company, it can be determined if he/she needs access to sensitive data. For example, if the user is a financial analyst, he/she will have access to the company’s financial data but if the user is a custodian, he/she more than likely should not have access to any company financial data. The strategy also needs to consider what data is being accessed. If a user is trying to access a file that contains this evening’s grocery list, the risk is relatively low or even nonexistent. However, if the file that a user is trying to access contains client information or intellectual property, security needs to be established around the file to protect it from being accidentally or maliciously exfiltrated. Properly identifying data as critical is important because we want to protect data that is truly sensitive and not block benign information. Keeping false positives low is also key to any data protection strategy. The last thing we want to happen is to break normal business processes because of false positives. Equally important, this strategy needs to help the company understand what risks the user poses. In many cases, data leaks are accidental. However, when data exfiltration is malicious and sourced from an internal user, the company then needs to investigate further. Were there any indicators of risky behavior the company could have seen before it happened? Was the user disgruntled for any reason in the near or distant past? Was this user accessing sensitive files that they don’t normally touch? Were files being saved to locations such as personal cloud storage or USB drives? These are all activities that could lead to data exfiltration, posing a great risk to the company. Once a company understands the user’s risk level, actions can be taken to prevent data exfiltration by a risky user before it happens, such as automating procedures to eliminate the need for an administrator to make those changes. Wherever your users may be, whether they are working in the office or remotely from home or a hotel, a strategy around how the company will protect its critical data needs to be in place. This strategy needs to provide visibility into who is accessing your data, what data they are accessing, whether that data is critical to the company and whether the user should have access or be able to move the data around based on the risk they pose to the company. Your data protection action plan: Review how your new work environment is structured. Research cybersecurity partners that are industry leaders and accredited by top-rated analysts for their data discovery, endpoint control, network enforcement and extension into cloud applications. Understand that the human-point connection to data can challenge a traditional approach to data security. Consider a shift from static one-to-many enforcement policies to a risk-based dynamic policy. Human-centric cybersecurity changes everything and can mean the difference between data leaks and safeguarding data for your company. By: Romeo Gain Forcepoint Senior Strategic System Engineer Romeo Gain has been with Forcepoint for nearly 15 years. His tenure began at Websense 10 years ago in technical support. Romeo quickly advanced to an engineer-level. He is focused on customer retention by providing technical expertise to resolve issues on- or off-site. Romeo is a dedicated sales engineer with proven expertise in providing problem resolution, software installation and troubleshooting. Share: Threat Partner Series Data Protection Copyright © 2022 Optiv Security Inc. All rights reserved. No license, express or implied, to any intellectual property or other content is granted or intended hereby. This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information. Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards. Complaints / questions should be directed to Legal@optiv.com RELATED INSIGHTS BLOG May 28, 2020 Thanks to COVID-19, Remote Work is Here to Stay Recent research from Gartner and others indicates the COVID Work From Home spike is here to stay. See Details Read more about Thanks to COVID-19, Remote Work is Here to Stay BLOG April 24, 2020 COVID-19: From the Mindset of the Attacker We’ve seen lots of COVID-19-related work-from-home tips, but how has it affected the attacker? See Details Read more about COVID-19: From the Mindset of the Attacker BLOG April 06, 2020 Securing Your Security Operations: Three Critical Areas of Focus Three enterprise security areas deserve focus in WFH environments: email security, tool configuration and chat. See Details Read more about Securing Your Security Operations: Three Critical Areas of Focus How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.