By Dr. Guy Bunker @guybunker
And so to the final post of ‘Three practical steps to help your employees prevent data loss’. To recap, Part 1 focused on Implement a policy and Part 2 - Train and educate employees, and finally Part 3:
Utilize a Technology Solution
If only it were this simple... when it comes to security there are a multitude of solutions – to help defend against a myriad of risks. Whatever I put as a top 5, someone will disagree... but here goes:
- Anti-virus: There’s been a lot of talk about whether AV is dead or not. It isn’t. There are other technologies that can help augment it, but it still has a valuable part to play – and is relatively cheap. Ensure it’s on the endpoints as well as the network (email and the web). Keep it up-to-date.
- Encryption on laptops, firewalls, anti-spam, email & web security – hopefully you have these already. If you don’t then you need to consider getting them. Along with AV, these are the basics if you want to protect your organization from hackers and cyber-attacks.
- Deploy a data loss prevention (DLP) solution. At the end of the day, your critical information is your business – protect it with all that you can. It will stop the hackers from getting at it from outside. Insiders sending it to the wrong people. Malicious insiders stealing it. It is the last element in your line of defence. Even better still, look to the next generation in Advanced DLP solutions, such as Adaptive Redaction – which remove the ‘stop and block’ challenges that traditional DLP solutions have. And make sure you can adopt these technologies across all ingress/egress points as the bad guys and the innocent will focus on or stumble across your weakest link
- Look at a SIEM (Security Incident Event Management) system. These have been around for a while, but they are now able to be deployed and utilized by SMB/SMEs as well as larger organizations. This is something that can start simple and grow in sophistication as the organization expands its understanding.
- Finally, review the latest advanced technologies. Sandboxing, whitelisting, network analytics all have a part to play. They should be considered as part of a complete solution – not the complete solution alone.