THE SECURITY DILEMMA OF DATA GROWTH

Over the years, as hybrid and remote work has increased, so has the proliferation of data. This is referred to as "data sprawl" where sensitive data and information is stored in different locations through the scattered and unmanaged use of cloud apps. It is said that one in five employees uses personal apps to create, share, store or upload sensitive data from work. That is far too much personal and sensitive data in different places, which is usually even forgotten by the user.

As apps, services, and tools that enable hybrid or remote working penetrate corporate networks, attackers are increasingly exploiting the numerous blind spots. However, there are some actions security teams can take to better understand this trend and mitigate the impact of data proliferation.

Understand the use of apps in the workplace

To properly understand and protect the flow of data, security teams need to know where the data resides and who can access it. When sensitive files are spread across different cloud platforms, visibility is not very possible. However, when the data is distributed across multiple external applications to share and store it, problems arise. It is therefore advantageous to store sensitive files centrally using special applications.

The average company uploads, shares and creates over 138 external apps in total as part of its daily work. Many of them have similar functions, which poses a great opportunity for cyber criminals and a major problem for security teams.

Capitalize on growing app usage

As the use of apps in the workplace increases, cybercriminals gain access to applications that are not as secure as others. They can easily disguise themselves as such applications and infiltrate systems, making it more difficult for security teams to catch them individually.

This happens more often than one might think. Microsoft recently endured an extensive security investigation after employees uploaded sensitive credentials to GitHub that gave attackers access to the company's internal systems. The information was linked to an official Microsoft tenant ID and could be used to access other points in Microsoft's internal system.

Even though incidents like these actively encourage companies to focus more on their security, which includes transparency and monitoring of data. But once a person has penetrated the systems, it may already be too late.

Industry control over data dissemination

When it comes to limiting the spread of data in the workplace, organizations can consider several variables to mitigate this issue. For example, the corporate finance sector is much more stringent in terms of security controls and regulations. This restricts the use of other external applications in the workplace.

In other sectors, it is more difficult to limit data proliferation due to remote companies and less stringent industry regulations. Retail workers, for example, regularly use a variety of cloud applications in the workplace. In fact, 40% of retail users upload data to personal apps. Not only in this sector, but in all industries, it is important for IT security teams take proactive measures to minimize the risk of data proliferation.

Data Spread Limitation Practices

With the right security strategies and policies in place, security teams can confidently leverage cloud services and hybrid workspaces without worrying about data proliferation. This will look different for each company depending on factors such as size, security maturity, and goals. However, some basic security best practices remain constant, including:

1. Use single sign-on (SSO) for internal applications.

This enables central user management and ensures that if employees leave the company, you have a central place to remove their access to any cloud resources containing sensitive company data.

2. Configure controls to restrict the movement of sensitive data

Implement app and instance-specific security controls to prevent users from storing sensitive data in unauthorized locations. For example, security controls should be able to distinguish between a user's personal Google Account and corporate Google Workspaces account and prevent users from uploading sensitive data to the former. Policies can be configured based on a user's device, location, or risk.

3. Monitoring risky user behavior

User behavior analysis can complement the security controls described above by identifying risky user behavior, e.g. B. A sudden increase in downloads from managed apps and app instances or uploads to unmanaged apps and app instances. This behavior can be used to identify areas where tighter controls are needed or users who need more training.

4. Train employees

With the right policies and controls in place, the next step is to effectively communicate those policies to employees. Work closely with Human Resources to make safety training a regular part of onboarding and annual training. Make sure your policies include threats from departing employees to ensure they don't upload company information to personal apps before they leave the company. This practice can pose a major threat to businesses, especially at a time when layoffs are on the rise.

With the shift to hybrid working, it is becoming increasingly difficult to protect data, especially when it comes to the increasing use of cloud applications. Enterprises' journey to the cloud must be accompanied by strict security policies and an appropriate security infrastructure to deal with the uncontrolled use of apps and the resulting massive data proliferation. Hybrid working will only succeed if organizations, and particularly their security teams, take a proactive approach to limit data proliferation.

If you're looking to hire your team to help you protect your security to limit data exposure for a growing company, we're trusted experts in the I.T Infrastructure industry so contact us to gain help hiring the best specialists in the field. Check out how to contact us today by clicking here