6 shocking gaps in your data security strategy

Despite billions of dollars invested in cybersecurity, businesses lose critical data daily. We’ve secured our organizations like fortresses, building layers of walls around networks, applications, storage containers, identity, and devices. But when an unhappy employee moves high-value designs onto a USB drive or sends important email attachment outside the “secure” network, those walls crumble the moment we need them the most.

Data security company Vera has compiled industry research, best practices from CSOs/CIOs, and customer conversations to help enterprises better understand and diagnose their own data security blind spots. In this slideshow, Prakash Linga, CTO and co-founder of Vera, shares where CISOs are shifting their investments to close 6 of the most challenging security gaps in today’s enterprise security strategies.

No, not the way we should have. We know this because Gartner estimates we spent over $75 billion in IT security last year, and yet the number of breaches continues to increase. We’ve built higher, stronger walls, but neglected securing the information itself. That’s why this approach has failed in the past - once confidential data is shared or download, we lose both control and visibility.

Human error is responsible for 25 percent of data breaches globally, and according to Ponemon’s Cost of Data Breach Study, at least one in four breaches occurred due to employee negligence.

Employees don’t use the software or tools because they’re too difficult or annoying to use. They bypass the secure FTP server, copy and paste data from secured files into an unsecured document, and then send themselves sensitive attachments to their personal email account - just to avoid the pain of dealing with outdated, frustrating internal systems. This is a major blind spot where sensitive data slips through the cracks of enterprise walls.

Companies lose information by not being able to see where, when, or how our sensitive information is being used after it’s sent beyond these walls. How often have your clients forwarded information to unwanted viewers? What exactly are third-party contractors doing with your information? Here’s an eye-opening statistic: 60 percent of employees have received files unintended for their eyes. If data is regulated, businesses bear responsibility for it, even when you cannot see it.

Once the data slips through your walls, IT and security teams lose the ability to lock down access to lost files, cordon off leaked information, or keep data out of unwanted viewers’ hands. There isn’t an Undo button to revoke access to files. This gap existed long before Box and Dropbox file sync and share came along, but it’s the root cause of many cloud collaboration and storage fears.

We lose data because of the time lag it takes to understand and respond to new technologies brought to the workplace. In the rush to get business done, security is often left to play catch-up. And security breaches may be the unintended consequences of this gap. You need security that operates at the speed of business, with flexibility to adapt to the unknown.

Current mobile security solutions can’t address the reality of a modern, collaborative enterprise. Born out of the need to catalog and manage the physical devices, EMM and MDM platforms are a necessary tool when IT provides and provisions every device. However, it’s far too easy to avoid the secure containers, send data to unmanaged devices, and access it in third-party apps. And that doesn’t even address the biggest part of the mobile gap - the phones and tablets your customers and partners use to access information. EMM solutions don’t extend beyond your organization, so you need to focus your efforts on directly protecting what matters, the documents and data they’re accessing.

To protect our ideas, we must first protect the content we create. We’re no longer in a world where content is limited to Office files and PDFs. We’re generating more and different content types, including 3D PDFs, videos, medical images, design files and even custom data from home-grown applications. Because the types of content we create is changing and accelerating, security can’t be limited to protecting just a subset of files. To avoid the content gap, security must encompass all forms of information.

These security gaps are a result of taking this years-old approach to a complex, constantly changing IT environment. Businesses today simply cannot fill security gaps by doing more of the same things. It’s time to look at protecting the data throughout its entire life cycle--when it’s being used, and as it travels beyond enterprise walls into unmanaged domains, devices and applications.