American companies with 1000+ employees each hold more data than the U.S. Library of Congress; approximately 293 billion emails are exchanged globally every day while Facebook users share 30 billion pieces of content every month.
No one said information management and protection was easy. It’s human nature to want to break things down into more manageable pieces, but reducing data control and protection to an inbound threat issue is a classic case of shooting alligators when what you’re really there to do is drain the swamp.
Managing information in today’s business environment has become increasingly complex: Data leakage is a critical issue for CIOs. Companies are hitting the headlines for all the wrong reasons, and human error is one of the biggest culprits. With many organisations focusing on in-bound threats, there’s a genuine risk that vulnerability inside company walls will be overlooked. As Deloitte’s 2011 Global Security Survey has pointed out, ‘external attacks get most of the headlines, but internal security risks are just as onerous.”
It’s time for a new angle on content control.
Communications tools like email and social media have become an almost reflexive thing for end users – combined with easy access to sensitive information, it’s a heady mix that can spell trouble for those charged with preserving the integrity and security of data. Stopping and blocking might seem like the easiest route to take, but this doesn’t reflect the realities of the way we communicate and do business today. To really protect organisational IP and other high-value information assets, monitoring the data leaving the network is just as important as watching what’s coming in.
There’s no patch for irresponsible or careless behaviour, but you can control the consequences. Technology that recognises the difference between an innocent Tweet and potentially damaging data sharing can be automated to prevent users from engaging in risky behaviours without cramping their style as ambassadors for the company brand online. Similarly, context-aware content controls can help guard against accidental data leakage via email – either through automating the decision to encrypt any data that meets specific organisational requirements or inserting an extra “Are you sure you want to send that?” step into the email process when certain kinds of information are being shared.
As companies increasingly understand that inside risk is as serious a concern as outside threats, context-aware content management plays a key role in ensuring that threat doesn’t impede your capacity to communicate and get on with business. Tackling the obvious risks – i.e. shooting alligators – without addressing the broader issues of information explosion and human error (the swamp) is setting yourself up for failure. Sooner or later, you’re going to run out of bullets. And the swamp will still be there.
by Alyn Hockey
No comments:
Post a Comment