What is your data worth? What if it got out into the public or fell into your competitors’ hands? Would it impact your organization or your reputation? What about your customers? How much would it affect your bottom line?
Data is your organization’s lifeblood and it contains a lot of sensitive information, not just about you but also your customers. Every day, data is lost and ends up in the wrong hands, more often than most people will admit. It may not be as public or well known as some attacks, but nonetheless it is still important and impactful.
If anything, the risk of losing data is more likely today than ever before, especially with the proliferation of mobile devices, email, social media, BYOD, etc. Data is being sent by your employees by any means necessary. In fact, 87 percent of senior managers admit to regularly uploading work files to a personal account.1 And 58 percent have accidentally sent sensitive information to the wrong person.1 On average, it costs $240 per record for a data breach.2
Are You Prepared?
With all these challenges, are you able to secure, encrypt and manage all of your data today? If a sensitive document or device were to fall into the wrong hands, could you retrieve or destroy the data? Encrypting the drive of a mobile device only fixes a small part of the equation. Most data leaves your organization via email or cloud storage. Once a document leaves a managed device, such as a smartphone, notebook or tablet, it is unencrypted and completely unmanaged. It has essentially become public and can be forwarded to anyone and saved anywhere. You want to be sure data remains encrypted and can only be viewed or edited by those for whom the data is intended.
A Holistic Approach to Protecting Data
Most data security strategies that organizations rely on also have gaping holes — a problem that must be addressed. To that end, Windows 10 and Azure include methods to ensure data is protected no matter if it is at rest, in motion or being shared. BitLocker encrypts the data stored on the device, ensuring the data can’t be accessed unless unlocked. This technology is quite common and in widespread use today. The protection of data in motion or while being shared is accomplished using the integrated Rights Management (RMS) and Enterprise Data Protection features of Windows 10.
Rights Management is a feature of Azure and the Enterprise Mobility Suite from Microsoft. RMS will encrypt and manage a document shared internally or externally. A user can set an RMS policy on a document that requires a user to authenticate before they can open it. These policies can also determine if a user can execute other actions, such as save, print, email, etc. In the event the document ends up in the wrong hands, RMS prevents access to unauthorized users.
Another aspect of securing data is protecting documents stored on managed devices. Enterprise Data Protection, a feature of Windows 10 Enterprise, allows individual files to be encrypted regardless of where they are stored. Even if the host device isn’t encrypted, the document or an entire folder can be encrypted. EDP also allows data to be selectively wiped off the device, leaving any personal documents and data intact. This is especially useful for BYOD devices that may keep sensitive information. This new feature of Windows 10 was made available in November 2015, and can be managed using Intune from the Enterprise Mobility Suite or with the upcoming release of System Center Configuration Manager.
Keeping track of and managing your data is crucial and often taken too lightly in this mobile age. Sensitive data is kept on insecure devices and commonly lost. There are tools available to secure data regardless of where it is located. And, if it does land in the wrong hands, there are ways to ensure the information is inaccessible and, if necessary, wiped. By using a combination of Windows 10 Enterprise, Azure and the Enterprise Mobility Suite, you can be sure your data is secure.
Check out BizTech Magazine for the latest in cutting-edge data loss prevention technology or leave a comment below with any questions.