Keep it safe: How to shield your sensitive data and control access

Multipronged approach using encryption, permissions, protection of unstructured data boosts security profile

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Recent high-pro­file pho­to hacks have made head­lines. In March, inter­net hack­ers tar­get­ed celebri­ties includ­ing Miley Cyrus, Emma Wat­son and Aman­da Seyfried, among oth­ers, result­ing in the leak of inti­mate pho­tos that were post­ed on sites such as 4chan and Red­dit. Sim­i­lar­ly, back in 2014 hack­er Ryan Collins exposed nude pho­tos and videos of sev­er­al celebri­ties after obtain­ing them from iCloud accounts.

But celebri­ties aren’t the only ones vul­ner­a­ble to hack­ers. Imag­ine if your organization’s C-lev­el exec­u­tives had sen­si­tive infor­ma­tion stored in their email or doc­u­ments. Hack­ers could obtain pro­pri­etary infor­ma­tion, caus­ing finan­cial night­mares and dam­ag­ing your organization’s reputation.

Relat­ed Q&A: High net worth indi­vid­ual face focused attacks 

Many enter­pris­es fail to prop­er­ly secure their email and doc­u­ments from attacks, think­ing that fire­walls and tra­di­tion­al secu­ri­ty solu­tions are suf­fi­cient. But with­out a secu­ri­ty solu­tion in place, the entire orga­ni­za­tion can be at risk if just one employ­ee falls vic­tim to a phish­ing attack. Some 91 per­cent of phish­ing hacks lead to con­tent breach­es that can snow­ball, caus­ing you, your con­tacts, and their con­tacts expo­nen­tial harm.

What can be done to mit­i­gate the pos­si­bil­i­ty of data breaches?

Unstruc­tured data 

Each day mil­lions of cor­po­rate and gov­ern­ment email users world­wide have can­did con­ver­sa­tions over email—whether between employ­ees, sup­ply chain part­ners or oth­er exter­nal participants—sharing infor­ma­tion that often is pro­pri­etary and mis­sion-crit­i­cal. And the vol­ume of data in emails and doc­u­ments is dou­bling each year.

This col­lab­o­ra­tion is cru­cial for today’s busi­ness­es, but main­tain­ing pri­va­cy stan­dards and doc­u­ment secu­ri­ty can be chal­leng­ing. To ensure pro­duc­tiv­i­ty through col­lab­o­ra­tion, expe­dite projects and make time­ly deci­sions, employ­ees are shar­ing unstruc­tured data both inside and out­side the fire­wall. Yet once the infor­ma­tion is out­side the fire­wall, it may not be pro­tect­ed. By estab­lish­ing a secure envi­ron­ment that pro­tects con­tent inside and out­side the orga­ni­za­tion, all par­ties can com­mu­ni­cate freely via dig­i­tal channels.

Rights man­age­ment

There is an expect­ed lev­el of trust between you and your inter­nal and exter­nal stake­hold­ers that the infor­ma­tion you are shar­ing is for their eyes alone. While there is no fool­proof way to ensure that some­one isn’t read­ing over your recipient’s shoul­der, rights man­age­ment is anoth­er way to enforce secu­ri­ty per­mis­sions. This adds an extra lay­er of pro­tec­tion to emails, doc­u­ments and pho­tos even when opened by a per­mit­ted source. Con­tent is pro­tect­ed from mis­use while at rest, in tran­sit and in use. And the abil­i­ty to track and mon­i­tor for autho­rized use and attempts of unau­tho­rized use of con­tent can help ensure that data and intel­lec­tu­al prop­er­ty stay with­in the cir­cle of trust.

Encryp­tion

Encryp­tion offers yet anoth­er lay­er of secu­ri­ty for your infor­ma­tion by mak­ing con­tent only acces­si­ble to the devices and users with spec­i­fied usage rights.

Data with encrypt­ed in-use pro­tec­tion allows the autho­rized recip­i­ent to decrypt encrypt­ed con­tent by teth­er­ing to the spe­cif­ic device and user. This means that con­tent in an autho­rized receipt could get hacked—but the hack could eas­i­ly be mitigated.

Bot­tom line: Breach­es are an inva­sion of pri­va­cy whether you are a CEO, devel­op­er or celebri­ty. It’s imper­a­tive to ensure that no mat­ter where your con­tent trav­els or what device you use, at any point it is pro­tect­ed from get­ting into the wrong hands. Armed with the knowl­edge to ensure secure con­tent col­lab­o­ra­tion whether inside or out­side an enter­prise net­work, you can avoid becom­ing the next headline.

More sto­ries on dig­i­tal data protection:
It’s time to give unstruc­tured data some struc­tured protection
Admit­ting there are secu­ri­ty prob­lems with encryp­tion is the first step toward a solution
It’s time to close the secu­ri­ty loop­hole on unstruc­tured data