Page 142 - CDM-CYBER-DEFENSE-eMAGAZINE-December-2018
P. 142

Shadow IT

            Had this article been authored a few years earlier, data security for the intelligent workplace could be
            talked about in the context of users seeking out and using their own tools to share data if the IT provided
            solutions were more of a hindrance than a help. Called Shadow IT, it refers to “unofficial” IT tools being
            used within organizations.

            The risk to data security posed by those tools led to the rise of Cloud Access Security Broker (CASB)
            solutions. In their basic form, CASB solutions detect collaboration tools, and others used within an IT
            environment, and apply policies restricting use within an organization.


            Today, these types of solutions are regarded by many as a critical component for protecting enterprise
            data. Gartner expects that 60 percent of enterprises will have deployed this type of solution by 2020, as
            opposed to only 10 percent in 2017.


            Thankfully, the current crop of collaboration tools available for IT to deploy have improved tremendously,
            so users are more inclined to stick to the rules for what they use. Still, even if you have managed to stamp
            out shadow IT risk within your organization, collaboration tools are not the only thing that we have to
            consider when securing data in the modern workplace.


            The Mobile Workforce

            In thinking about the nature of how people work today, the data we use no longer resides within the
            physical walls  of a company. It sits on our laptops, tablets, mobile devices and in the cloud, and is
            accessed from an office building, home location, on a train while commuting, at a coffee shop, from a
            partner’s warehouse, etc.


            Now consider that over 70 million mobile devices are lost each year and lost laptops still account for a
            significant percentage of data breaches. How do we know that a breach is (or isn’t) the fault of our user
            accessing sensitive data, while sipping on that mocha latte?


            In many cases, it is not appropriate to allow users to openly access anything from anywhere on any
            device. The nature of the content and the context of use, even via sanctioned IT tools, must be considered
            in order to maintain data integrity and security.


            File encryption for sensitive data if being accessed from outside the office is mandatory, as is restricting
            usage  rights  to  data  files.  It’s  not  difficult  for  IT  to  make  a  file  “read  only”  or  available  only  as  a
            watermarked  image.  The  latest  generation  of  Data  Loss  Prevention  (DLP)  and  rights  management
            software enables many options for organizations.






                                 142
   137   138   139   140   141   142   143   144   145   146   147