1. Locate Your IT Assets and Data
The first step to data protection is understanding what you’re protecting. Good asset management is crucial for visibility into devices and applications and can provide an understanding of where data is located.
Government organizations tend to have a leg up when it comes to classifying and documenting data, which is a crucial part of this step. There should also be a unified policy for key assets, from source code to internal memos.
Finally, the asset management tool should be linked to a behavioral analytics solution, which calculates a risk score based on a user’s role and privileges, plus how she interacts with data and other sensitive business assets.
2. Pinpoint the Appropriate Services to Monitor
Behavioral analytics allows IT pros to keep tabs on interactions between users and data, and to automatically protect data independently of the application it’s sitting in. Every user’s normal interaction with data represents the baseline; the goal is to detect anomalous actions that might signal inadvertent risk, actions that lead to exposure or an actual breach.
The only way to react to a threat or mistake, though, is in machine time. DLP solutions must automatically and dynamically enforce policies according to the aforementioned classifications and the organization’s risk appetite, reducing manual decision-making and overall alert volume. This is especially true since everyone’s “normal” has changed in the wake of COVID-19. People are working in different locations and at different times, making automation more of a necessity.
3. Create a Feedback Loop for Added Security
During an emergency, managers spend time checking in on the health and well-being of employees. IT pros need to do the same on the data side.
For many, the first order of business during the pandemic was focusing on empowering employees to work — from securing laptops and updating operating systems to ensuring the use of encrypted VPN with strong authentication.
The next step is having ongoing conversations and coaching on data security. Proactive steps such as hanging posters about data security were possible in an office environment, but how do you transport the same coaching when everybody is in different locations? If someone makes the mistake of trying to send out data he shouldn’t, for instance, it’s an opportunity for education, creating a security feedback loop.
It’s inevitable that bad actors will get into your new hybrid environment — that environment has grown more distributed and seemingly less secure in today’s new remote work reality. Now people are the new perimeter, and remote Wi-Fi networks have become part of your internal network.
The focus should be on keeping data “in” and safe, though, while continuing to try to keep bad actors out. That requires putting users at the center of any data protection strategy, from understanding their normal behavior to offering ongoing education that helps them serve as a strong line of defense.
Harsh block-and-stop policies only create the illusion of security. A human-centric approach to DLP is now, more than ever, the way to ensure that users can get their jobs done anywhere without putting the organization at risk.