There’s a very good chance you’ve used a file-sharing product like OneDrive, Google Drive or Box today. There’s an even better chance that, at some point, you’ve shared the wrong file—or shared a file with the wrong people (mistakenly or unknowingly). It’s startlingly easy to do, and that’s a complete nightmare for enterprise data security. In fact, research shows that one in five files uploaded contain sensitive data, and 3 percent of uploads end up with “public” permissions. That means literally anyone with a Google search bar can find and view them.
Just like with GDPR compliance and data security in general, when it comes to securing collaboration and mobility, it’s about getting a better set of tools–tools that enable cloud collaboration and drive digital transformation while mitigating the inherent risks.
The problem: the world has changed in three big ways
The collaboration challenge is both driven and magnified by three critical changes in the enterprise world:
- The idea economy. Revenue and growth used to come from doing more transactions. Now we grow through innovation. As tech legend Meg Whitman put it, “In an Idea Economy, success is defined by the ability to turn ideas into value faster than your competition.”
- Mobility. Ideas are highly mobile, and this is accentuated by the mobility of today’s knowledge workers. Ideas are born on endpoint devices—and they’re increasingly staying there, instead of moving to central shared drives.
- Employee churn. The revolving door is spinning faster and faster. According to a recent Jobvite survey, 18 percent of the total workforce now switches jobs every one or two years. This number jumps all the way to 42 percent for millennials. When employees leave, they take their data (and many of their ideas) with them; 59 percent of employees take data when they leave a company, and 42 percent believe it’s their right to do so.
All of this adds up to a simple problem: Organizations don’t know where their data lives anymore. But there are tools being developed today that can help you move from the traditional approach of securing the environment to securing the data itself.
Step 1: Know WHAT your data is
I recently spoke at a 2018 CSO50 conference, and I asked a simple question to the crowd: Do you treat your data differently based on who created it, what it is and its value? My informal survey showed nearly all of the audience said, “No.” Most companies are treating valuable IP and sensitive data, like social security numbers, financial spreadsheets and documents containing architectural intellectual property in the same way they treat users’ music files and family photos.
We need to get better at classifying data if we’re going to simplify the giant (and growing) challenge of protecting data. At Code42, we’re working on tools that make it easy and cost-effective to understand what your data is. These tools combine comprehensive data visibility with smart ways of recognizing which files and data are most sensitive and valuable to your organization—so you can focus your efforts in the right place.
Step 2: SEE movement to the cloud
Today, plenty of organizations have tools in place that allow them to see when data moves from a laptop to a cloud storage location or file-sharing app. But the reality is this movement is happening constantly—and 99 percent of it is legitimate productivity. The challenge is recognizing that one percent that isn’t. We’ll have more news about these tools at Evolution18, our annual customer conference. Sign up today to be one of the first to learn about our new solutions and future innovations.
Forrester’s Mitigating Insider Threats: The Security Playbook