Defending against employee-based risks doesn’t always involve monitoring those with malicious intent. Oftentimes, in their desire to move information and ideas more quickly and efficiently, employees will step outside the restrictions established by corporate IT and organizational policies. In doing so, many employees open up their organizations to a host of data security risks by using cloud-based information sharing tools that lack the compliance and risk controls often required by highly regulated industries.
A recent survey by ReRez of more than 3000 organizations found that 40% experienced exposure of confidential information via unsanctioned cloud storage and information transfer, a phenomenon it labeled as “rogue cloud” deployments. This point was illustrated by this past summer’s breach at Dropbox, where reused login credentials for some of its users were compromised because they were lifted by hackers from another website. This unintentional breach scenario resulted in the loss of corporate data stored on the site, and caused Dropbox to unveil new security features that, although a positive step, were not mandatory for all users.
The answer to this non-malicious insider threat is not the creation of a highly restrictive collaborative process, but rather to implement one that understands the drivers for easy collaboration and information sharing, while deploying a set of diverse tools that provide the appropriate risk and compliance controls. In this scenario the user has the ability to continue to do the ad hoc file sharing that has produced productivity gains while still protecting corporate policies.
This webinar will discuss:
- The role of user education in preventing “rouge cloud” scenarios
- How to provide safe and secure alternatives to information/file sharing – and encourage their adoption – rather than handing down restrictive policies on the use of cloud-based collaborative tools
- How to properly balance risk vs productivity when sharing data with third parties, including co-workers, partners, and vendors