This also goes for companies when we’re talking about protecting their most valuable capital: DATA….CONFIDENTIAL DATA. At least at one point in their business activity they thought competition or other third parties are going to find out the secret of their success…the “secret Coca-Cola ingredient”!
Think about the fact that some IT admins used to Super Glue USB ports so that employees couldn’t plug in USB sticks to copy data and infect the computers with viruses. Crazy, huh? (Yet when I think about the data breaches that occured lately, it’s understandable). Even if they don’t use Super Glue anymore, they do it through software and there are still many companies that, out of too much caution, ask their IT people to simply block all transfers of files. This is both annoying and counterproductive for users, since the business environment nowadays requires high mobility for fast response times. This doesn’t mean they should just leave confidential data and exit points unprotected and unsupervised. Don’t get me wrong! Maybe I’m just pointing out the obvious, but they should allow legitimate file transfers and block dangerous file transfers, instead of blocking the activity of all users. In one word: FILTERING.
With Data Loss Prevention solutions you can set filters at the endpoint level: filters by File Type (Word, Excel, PDF, PowerPoint, exe, jpg, etc.), filters by Personal Data (emails, phone numbers, SSNs, credit card numbers, etc.) and even filters by Custom Content (for instance I can define a filter that will prevent all my users from sending files containing the word ‘dog’ inside). You can basically control every word that goes out of the company network, whether by email, social media, instant messaging, file sharing applications, Dropbox, iCloud, USB drive, external HDD, CD/DVD, zip drive, etc., all you can think of.
My point is you have to be on the safe side without taking it to the extremes: hope for the best (security conscious, well-intended, employees) but expect the worst (be prepared to face any security threat).
We will talk more in depth about filtering and Data Loss Prevention in a future post. To Be Continued…