How to achieve data protection and threat prevention while enabling productivity, collaboration and a great user experience.
Data security is at the top of the priority list for most organizations,as well it should be. Threats have never been more numerous, more varied or more dangerous. Phishing attacks, malware, ransomware, BIOS attacks and advanced persistent threats (APTs) are multiplying relentlessly (see sidebar). The dangers of data loss, extortion and identity theft are real. The global average cost of a data breach is $3.62 million USD, according to Ponemon Institute.
The climate of increasing regulation reinforces the imperative to keep data safe. Failure to do so can result in severe penalties. In health care, for example, fines for violating the rules of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), a U.S. privacy act, routinely range from tens of thousands to multiple millions of dollars. Meanwhile, the General Data Protection Regulation (GDPR) of the European Union (EU) went into full effect on May 25, 2018. As of that date, organizations that fail to protect the personally identifiable information of EU citizens are subject to fines of €20 million or 4% of global turnover, whichever is greater.
In this challenging climate, IT leaders must implement security strategies that keep data safe while enabling productivity and collaboration without compromising the user experience. Security policies and solutions that are cumbersome, such as complex and arduous authentication methods or lengthy virus scans, will discourage employees from using their devices – or will lead them to circumvent the security measures entirely. In fact, 41% of employees say they will go around security methods that get in their way.
Current defenses fall short
In the quest to keep data safe and in compliance, there are many defensive measures – and many security products – that organizations might employ. It is possible to purchase each of these from a different provider. In 2017, 25% of security professionals said they used products from 11 to 20 vendors, and 16% said they used products from 21 to 50 vendors. That approach, however, is inefficient at best. Different products must be licensed from different parties, then deployed, maintained and updated from separate management consoles. It’s a costly and time-consuming process that could result in the use of products that are out of date, which could in turn expose an organization to attack.
In any network, endpoint protection is critical – research has found that 95% of breaches begin at endpoints5. Because of the vulnerability of mobile devices and the willingness of mobile users to share data, today’s mobile workforce makes endpoint protection even more important – and more difficult to achieve. Authentication, encryption and advanced malware prevention are three pillars of endpoint security
• Authentication. Single-factor authentication such as a password is typically not sufficient; two-factor authentication is essential. Typically, two-factor authentication utilizes two of these three factors: Something known to the user, such as a password, something the user has, such as a hard or soft security token, and something personal to the user, such as a fingerprint or other biometric.
• Encryption. Although the use of encryption technology is widespread, not all implementations are equally effective. File-level and dual-level encryption have distinct advantages.
Organizations are under siege from ransomware and other threats Data security threats are widespread and constantly evolving to higher levels of sophistication. Malware that was once easy to spot is increasingly difficult to detect. Phishing attacks continue to deliver a number of different kinds of malware from bad actors who send email messages containing clickable links to unsuspecting users. When they click on the links, malware is installed on their systems. Even knowledgeable users are misled by some of the newer attacks. Social engineering, for example, attempts to lure users into exchanging information that can be used to breach a system and install malware. Often, social engineering methods appear to be legitimate, even to the trained eye, because they incorporate valid information relating to a user found elsewhere.