While intellectual property, business confidential information, customer and consumer data are all valuable assets in an organisation, they are the least protected resources throughout the enterprise.
Confidential company information may be secure on the server within the four walls of the organisation, but it is continually duplicated to endpoints such as desktops, laptops, mass storage devices and smartphones, and is accessed outside of the company perimeters.
The constant flow of information to and from endpoint devices creates weak points in the enterprise security chain. Apart from threats of hackers, viruses, and spyware that could possibly result in information leakage from these devices, security experts state that more than 70% of all security threats originate from within the company, where employees either intentionally or unintentionally expose sensitive information.
Importantly, new industry regulation demands strict control of how company and customer data is stored and shared, with severe implications if it is not adhered to.
To minimise this threat, companies must rethink their security strategies and implement additional layers of security, such as policy-based access, proactive monitoring and intrusion detection that is managed on all endpoint devices across the enterprise.
According to security experts, companies should look at their information lifecycles from a holistic perspective, namely, when data is at rest, in motion or in use, to identify where vulnerabilities are and how each 'information state' can be protected.
Data at rest
To reduce the complexity of managed security, companies need to firstly discover where their information resides in an "at rest" state at each endpoint, as well as e-mail servers, document management systems and databases.
The lack of knowledge, coupled with the lack of controls over data stores, can pose a serious threat to organisations.
The primary reason corporate data breaches occur is because companies do not know where their sensitive or confidential business information resides within the network or enterprise systems.
Once discovered, signature-based policies can be created to enforce who can access, view, change or move specific files based on their content and location.
If there is an attempt to access information that is unauthorised, there should be processes in place to prevent access and alert the security officers.
Data in motion
The primary reason corporate data breaches occur is because companies do not know where their sensitive or confidential business information resides.
Patrick Evans is regional director for Africa at Symantec.
When data is in motion, network traffic should be closely monitored to identify where content from e-mail, instant messages and Web traffic is sent to across the various communication channels.
There are various proven proactive technologies that protect data from targeted attacks and attacks not previously seen that use packet and stream intrusion prevention system (IPS) blocking, custom IPS signatures blocking, and generic exploit blocking for proactive threat protection.
Data in use
"Data in use" is typically monitored at the endpoint where a user interacts with information, and looks at what data is accessed and changed, sent via mail or transferred to other devices such as smartphones or USB devices.
Companies should look to technologies that include capabilities that automatically analyse endpoint application behaviours to detect and block suspicious activities, such as downloading of files that do not allow enterprise data discovery, or Web e-mail accounts that are used to disseminate business-related information.
Symantec's SMB Security Survey reveals that the majority of South African companies realise there are serious risks caused by not having adequate controls in place over electronic data stored throughout the enterprise.
Organisations need to examine, understand and prioritise the value of information and how it helps them be financially profitable, juxtaposed against the potential risks that are at stake.
* Patrick Evans is regional director for Africa at Symantec.
Share