The ever-increasing innovation of electronic device manufacturers has provided businesses and consumers with many exciting ways of enjoying their recreation time and has provided flexible ways of collecting and distributing data for organisations.
With this flexibility comes a huge security problem as companies realise that their corporate data can be downloaded and removed from their control within seconds. The improved efficiency of these devices has created a nemesis for the IT security professional who now has to contend with multiple, often unknown, escape routes for company data.
The only effective way of dealing with this problem in anything other than the smallest of organisations is to implement an endpoint data protection strategy. This needs to comprise the following:
- Education, so that users understand the issues of data loss and how it can affect their organisation and, possibly, their job
- Processes that support endpoint data protection including IT security policies and work tasks that minimise the chances of data being mismanaged
- Technologies that create robust barriers that defend corporate data whilst not becoming an obstruction to people doing their jobs
The majority of data loss incidents arise from end user errors rather than deliberate attempts to steal information. Whilst it is accepted that deliberate, targeted data theft is almost impossible to eradicate almost all accidental losses can be mitigated. This can be achieved by putting in place a sensible, well thought out strategy alongside education and technology, the result of which is an organisation that can hugely increase their endpoint protection.
By failing to secure its endpoints an organisation and its executives could be subjected to reputational damage as well as legal actions.