| |||||||||
| |||||||||
Current Filter: Security>>>>>Opinion> Top 3 data security threats Editorial Type: Opinion Date: 05-2015 Views: 2864 Key Topics: Security Cloud-based Security Cloud Storage Mobile Security Key Companies: CoSoSys Key Products: Key Industries: Education | |||
| Roman Foeckl, CEO and founder of CoSoSys, offers his insights on how to mitigate threats through a sound data security plan Sometimes we feel like we keep repeating ourselves and then we realise that's our job as vendors: to speak about the potential threats to data security with every opportunity we get and hope that CSOs are one step closer to mitigating threats by implementing a sound data security plan. Today, we want to emphasise three of the most pre-eminent threats:
1. Cloud storage applications Businesses need to create more 'live' procedures after studying the cloud compliance issues that arise from the use of cloud storage. Where will the data be kept, what data can be saved on the cloud and what should be kept in-house, how secure is the cloud storage platform? These are some of the questions to be answered, in order to know the next steps for a clear objective regarding data security. IT security staff should also consider cloud encryption solutions. They should make sure that all stored information is secured in an encrypted container, for which they hold and manage the encryption key. Additionally, they should use Data Loss Prevention (DLP) solutions to restrict file sharing according to the content of the document - e.g, block transfers of documents containing Credit Card Numbers (CCNs).
2. Mobile devices There is no point denying the use of a camera in employees' spare time, away from company secrets. This is just an example, but context is becoming more and more important in mobile security, since mobile devices are an extension of computers, and there is a thin line between personal and corporate data. There needs to be a balance between restrictions and permissions, since the whole purpose of mobility is to enable workers to be more productive.
3. Insiders with or without malicious intentions
Organisations must create comprehensive policies and include their employees in continuous IT security education programs. With disgruntled employees, it is another story, but in both cases DLP solutions play an essential role to avoid data breaches and data thefts. | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |