With employees working increasingly from home corporate IT and CISO’s are increasingly focused on how they can improve upon data security and privacy for end users. The below tips are not new but they should server as a means to focus on what may be required for organizational change in the new hybrid work culture:
1. Companies should focus on their Identity Management Systems and controls therein
Identity and access should be a primary focus for company security officers. Companies should ensure that Identity Access Management Systems are up-to-date and resource permissions are regularly reviewed whilst also reviewing single-sign-on policies and integrations as well as enforcing additional Two Factor Authentication (2FA) for end users.
The Enterprise File Fabric unifies access to a company’s files, whether on-cloud or on-premises and integrates with a company’s existing IAM solution, be that Active Directory, LDAP or SAML based. It also ships with support for 2FA and geo-restriction policies. It is able to provide seamless access to corporate resources using existing company authentication mechanisms.
2. Companies should consider protecting sensitive data before it reaches the Cloud
Data Breaches and compliance regimes have forced Companies to be more aware of what data is being uploaded to the Cloud by end users particularly when they have little control over the physical infrastructure of where the data is being stored. For sensitive data, encryption of data that cannot be read or understood if accessed directly (as in the event of a breach) should be viewed as essential.
The File Fabric provides a ‘Bring Your Own Encryption’ (BYOE) type of model in which it enables a company to use certified FIPS based encryption to encrypt data prior to it being stored on cloud resources outside of the organization. This provides additional security in the event of a breach that is outside of a company’s control and should satisfy compliance regimes, such as GDPR, that require a company to validate what additional precautions were taken to secure private data.
3. Unify access to provide multi-cloud data security
Almost all companies have multiple data sources increasingly split between on-cloud and on-site. These are siloed and often have different access mechanisms and security and compliance polices. Having a secure common method of access with universal policies is the first step towards having control and centralisation.
The Enterprise File Fabric is a compliance and security focused content management solution which provides a ‘single pane of glass’ that presents and secures file data from multiple sources, be that on-premises, a data centre, or the Cloud. It Provides intelligent policy based enforcement across all corporate data and helps enforce GDPR / CCPA / HIPAA.
4. Leverage solutions that discover data issues
Data volumes continue to grow exponentially for almost all companies and getting their arms around the data being uploaded and stored can be a virtually impossible task. With regards to point 2, it could be very difficult for employees to understand exactly what is ‘sensitive data’. With the advance of deep learning and AI based analytic tools and applications companies should consider leveraging this to better understand and protect their data.
The File Fabric provides a built in ‘smart’ content discovery feature that continuously checks data against pre-defined polices and flag and quarantine items if they breach these policies. These policies can be as simple as a Passport or Social Security number or they could be something more pertinent to a business that could be used to identify an individual and therefore breach a compliance regime such as GDPR or CCPA.
5. Take steps to mitigate, protect and recover from Ransomware Attacks
Ransomware attacks are on the increase globally and once affected, unless a strategy is in place companies have very little options to regain access to their data. It is essential that Ransomware mitigation, protection and recovery form part of a company’s security playbook.
The Enterprise File Fabric has a comprehensive real-time Ransomware recovery feature built into the product. Additionally it facilities a very straightforward way for end users to recover folders / files that may have been locked by a Ransomware attack.by