Cybersafetyconnections June 6th, 2022, Vol#70
- Remote work increases the danger of data leaks by employees.
- Technology enhancing remote work also creates room for data leaks.
- Inside risk management (IRM) is the way forward in mitigating the risk of data leaks.
Remote Work, Employees, and Data Leaks
The pandemic accelerated digital transformation that led to the rise of the distributed workforce which in turn improved productivity. With the remote workforce (that is a combination of hybrid and fully remote), there is also a greater chance of data leaks.
This blog was curated from Fortune December 2021/January 2022: Why Hybrid Workforces Need a Modern Approach to Data Risk.
A report from cybersecurity software maker Code42 indicated that about two-thirds of IT leaders said their employees were responsible for a data breach inside their organization.
Some of the data leaks may have been accidental because of negligence and others may have been intentional. The trends from the start of the pandemic showed that the employees of an organization were 85% more likely to leak files, source code, customer pricing information, and trade secrets.
These data leaks can be expensive and can cost up to 20% of the company’s annual revenue.
Technology Aids Data Leaks
The technology that makes it easier for people to collaborate also makes it easy for people to carry out unauthorized data transfers according to CODE42 CEO and President Joe Payne. This scenario includes employees carrying company data with them when they leave the company.
Inside Risk Management
The way forward for companies that see the usefulness of their data? Inside risk management (IRM) which involves taking charge and staying ahead of monitoring potential data leaks.
The traditional approach as we know it is data loss prevention that does not give much room for collaboration. IRM on the other hand is more of a zero-trust view and monitors the way employees obtain data and then respond to any activity that may pose a threat to the company.
For a successful IRM to be created, it requires 3 elements;
Making it clear to employees how and why data is being tracked for the danger an insider may pose to the organization. Let them know you are watching.
Train workers on how to handle company data, and what they are allowed or not allowed to do with company data.
That will automatically discover inconsistent data usage and point it out for investigation. The technology should aid in identifying what actions pose the biggest danger to the organization.
With the digital transformation and adaptation to the remote and hybrid workforce, the IRM is a better approach to security that will help protect company information.
This IRM approach allows file sharing and innovation and at the same time ensures that information is kept secure.
Subscribe to get the latest post