Jun 30 2020

3 Ways to Take a Human-Centric Approach to Data Loss Prevention

Bring people into the loop when securing a network in this telework era.

The COVID-19 pandemic pushed much of the global workforce to do their jobs remotely, making it more challenging and crucial than ever for IT pros to sufficiently protect data.

However, data classification generally puts the onus on the user, and data loss prevention programs, because of their black-and-white block-or-allow approach, are often deployed in audit mode only. And when in enforcement mode, end users might be unaware of what is happening; all they know is that they can’t get their work done. 

This usually results in employees exploring work-arounds, unwittingly exposing the organization to an even greater threat.

To prevent dangerous data breaches, particularly in this telework-heavy era, IT pros must take a human-centric approach to data protection. 

This method builds on how users interact with data, assessing and responding to risk in real time for more nuanced, risk-driven protection. Here are three steps to make that a reality.

1. Locate Your IT Assets and Data

The first step to data protection is understanding what you’re protecting. Good asset management is crucial for visibility into devices and applications and can provide an understanding of where data is located.

Government organizations tend to have a leg up when it comes to classifying and documenting data, which is a crucial part of this step. There should also be a unified policy for key assets, from source code to internal memos.

Finally, the asset management tool should be linked to a behavioral ­analytics solution, which calculates a risk score based on a user’s role and privileges, plus how she interacts with data and other sensitive business assets.

READ MORE: Discover how to best protect VPNs from major vulnerabilities.

2. Pinpoint the Appropriate Services to Monitor

Behavioral analytics allows IT pros to keep tabs on interactions between users and data, and to automatically protect data independently of the application it’s sitting in. Every user’s normal interaction with data represents the baseline; the goal is to detect anomalous actions that might signal inadvertent risk, actions that lead to exposure or an actual breach.

The only way to react to a threat or mistake, though, is in machine time. DLP solutions must automatically and dynamically enforce policies according to the aforementioned classifications and the organization’s risk appetite, reducing manual decision-making and overall alert volume. This is especially true since everyone’s “normal” has changed in the wake of COVID-19. People are working in different locations and at different times, making automation more of a necessity.

3. Create a Feedback Loop for Added Security

During an emergency, managers spend time checking in on the health and well-being of employees. IT pros need to do the same on the data side.

For many, the first order of business during the pandemic was focusing on empowering employees to work — from securing laptops and updating operating systems to ensuring the use of encrypted VPN with strong authentication.

The next step is having ongoing conversations and coaching on data security. Proactive steps such as hanging posters about data security were possible in an office environment, but how do you transport the same coaching when everybody is in different locations? If someone makes the mistake of trying to send out data he shouldn’t, for instance, it’s an opportunity for education, creating a security feedback loop.

It’s inevitable that bad actors will get into your new hybrid environment — that environment has grown more distributed and seemingly less secure in today’s new remote work reality. Now people are the new perimeter, and remote Wi-Fi networks have become part of your internal network. 

The focus should be on keeping data “in” and safe, though, while continuing to try to keep bad actors out. That requires putting users at the center of any data protection strategy, from understanding their normal behavior to offering ongoing education that helps them serve as a strong line of defense.

Harsh block-and-stop policies only create the illusion of security. A human-centric approach to DLP is now, more than ever, the way to ensure that users can get their jobs done anywhere without putting the organization at risk.

Orbon Alija/Getty Images