Keep it safe: How to shield your sensitive data and control access
Multipronged approach using encryption, permissions, protection of unstructured data boosts security profile
By Erik Brown, Special to ThirdCertainty
Recent high-profile photo hacks have made headlines. In March, internet hackers targeted celebrities including Miley Cyrus, Emma Watson and Amanda Seyfried, among others, resulting in the leak of intimate photos that were posted on sites such as 4chan and Reddit. Similarly, back in 2014 hacker Ryan Collins exposed nude photos and videos of several celebrities after obtaining them from iCloud accounts.
But celebrities aren’t the only ones vulnerable to hackers. Imagine if your organization’s C-level executives had sensitive information stored in their email or documents. Hackers could obtain proprietary information, causing financial nightmares and damaging your organization’s reputation.
Related Q&A: High net worth individual face focused attacks
Many enterprises fail to properly secure their email and documents from attacks, thinking that firewalls and traditional security solutions are sufficient. But without a security solution in place, the entire organization can be at risk if just one employee falls victim to a phishing attack. Some 91 percent of phishing hacks lead to content breaches that can snowball, causing you, your contacts, and their contacts exponential harm.
What can be done to mitigate the possibility of data breaches?
Each day millions of corporate and government email users worldwide have candid conversations over email—whether between employees, supply chain partners or other external participants—sharing information that often is proprietary and mission-critical. And the volume of data in emails and documents is doubling each year.
This collaboration is crucial for today’s businesses, but maintaining privacy standards and document security can be challenging. To ensure productivity through collaboration, expedite projects and make timely decisions, employees are sharing unstructured data both inside and outside the firewall. Yet once the information is outside the firewall, it may not be protected. By establishing a secure environment that protects content inside and outside the organization, all parties can communicate freely via digital channels.
There is an expected level of trust between you and your internal and external stakeholders that the information you are sharing is for their eyes alone. While there is no foolproof way to ensure that someone isn’t reading over your recipient’s shoulder, rights management is another way to enforce security permissions. This adds an extra layer of protection to emails, documents and photos even when opened by a permitted source. Content is protected from misuse while at rest, in transit and in use. And the ability to track and monitor for authorized use and attempts of unauthorized use of content can help ensure that data and intellectual property stay within the circle of trust.
Encryption offers yet another layer of security for your information by making content only accessible to the devices and users with specified usage rights.
Data with encrypted in-use protection allows the authorized recipient to decrypt encrypted content by tethering to the specific device and user. This means that content in an authorized receipt could get hacked—but the hack could easily be mitigated.
Bottom line: Breaches are an invasion of privacy whether you are a CEO, developer or celebrity. It’s imperative to ensure that no matter where your content travels or what device you use, at any point it is protected from getting into the wrong hands. Armed with the knowledge to ensure secure content collaboration whether inside or outside an enterprise network, you can avoid becoming the next headline.
More stories on digital data protection:
It’s time to give unstructured data some structured protection
Admitting there are security problems with encryption is the first step toward a solution
It’s time to close the security loophole on unstructured data