Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Database

    Keep Security Simple: 10 Ways to Prevent Damaging Data Leaks

    By
    Chris Preimesberger
    -
    September 19, 2013
    Share
    Facebook
    Twitter
    Linkedin

      PrevNext

      1Keep Security Simple: 10 Ways to Prevent Damaging Data Leaks

      0-Keep Security Simple: 10 Ways to Prevent Damaging Data Leaks

      By Chris Preimesberger

      2Don’t Rely On Compliance Policy Alone

      1-Don’t Rely On Compliance Policy Alone

      Extensive, stringent security policies often burden employees with costly, time-consuming training. As reading security policies is not a user-friendly experience, employees tend to read only what they feel they need and dismiss the rest. This apathy signals a need to streamline security policies and make it easier for employees to understand and follow them.

      3Support Efficient Workflows

      2-Support Efficient Workflows

      The goal for any enterprise security program should focus on supporting an efficient employee workflow. The employee should be able to open an email, type an address, drag-and-drop a file and decide if it is sensitive. If it needs to be protected, click a button and send. One mouse click and a little bit of intelligence, and sensitive information is guarded. The same simple approach should be considered for every point of exchange and revision throughout the sensitive information’s lifecycle.

      4Focus on Protecting Information vs. Infrastructure

      3-Focus on Protecting Information vs. Infrastructure

      Infrastructure in an age of BYOD is too vulnerable. A new paradigm to protect the data before the infrastructure is necessary. Properly protected data stays secure when infrastructure gets cracked, which it often does. Protect data first. Companies with sensitive and secure data is at stake desire a detailed user interface that is easy to learn and still provides the utmost control and flexibility into the visibility of such data from those inside and outside the organization.

      5Ubiquitous Security Through Access Control

      4-Ubiquitous Security Through Access Control

      A best practice is to ensure that high-value information is matched to high “security” valued people, who are trustworthy, with appropriate permissions and access. Consider all end-users agents of security. End users are also partners and providers, particularly in an age of cloud computing. This fact calls for provider shielding; the provider should have no capability to access the information located within its customer data once encryption is set for their application and use. A provider can (and should) still help clients build a private cloud without being privy to its content.

      6Beware of Consumer-Grade Cloud File Sharing

      5-Beware of Consumer-Grade Cloud File Sharing

      One of the greatest end-user enterprise security threats is having to compete with the convenience and emergence of consumer electronics and platforms for data exchange and collaboration, such as free cloud-based file sharing. Today, employees need to collaborate. If the enterprise doesn’t provide a secure file-sharing system, they will certainly use one of the many insecure consumer-grade platforms to get the job done.

      7‘He Who Guards Everything Guards Nothing’

      6-'He Who Guards Everything Guards Nothing'

      Frederick II of Prussia said it, but the expression applies here. It prompts leadership to think efficiently about what needs to be guarded. Focus on risk areas and take action on them, rather than safeguarding everything. Where are the obvious and the more obscure risks? Simply put: Secure your vulnerable and high-value data.

      8Guard Against Inside Jobs

      7-Guard Against Inside Jobs

      Many security breaches and data compromises are inside jobs; there may be an Edward Snowden down the hall from you. External stakeholders pose risk, but internal stakeholders can pose more. Focus on access and privacy controls and instill security policy and compliance from the inside out. Guard with targeted precision, and your protection will be stronger.

      9Security Can’t Be an Afterthought; Ease of Use Is Important

      8-Security Can't Be an Afterthought; Ease of Use Is Important

      Security must be tightly integrated into the professional enterprise technologies that end-user employees are already using, not bolted on afterward. Security solutions should seamlessly and tightly integrate with popular applications that are part of employees’ workflows. If a busy employee has to close out of Microsoft Outlook or open another program window to secure his email, he will likely skip the step.

      10Security Should Be Selective but Simple

      9-Security Should Be Selective but Simple

      Easy-to-use technology and a little bit of intelligence could not only guard newly created information but help classify existing unprotected information. A company can use three easily understood categories of information: a) I know it’s sensitive, so store it in the most secure category of our solution; b) I think it’s sensitive, so store it in a medium security area; c) I know it’s not sensitive, so leave it on a hard drive.

      11Turn Employees From Liabilities to Security Assets

      10-Turn Employees From Liabilities to Security Assets

      Easy-to-execute security training and qualification will be most effective and focused as people-friendly to ensure compliance. Remember, most of the time, employees will choose the pressures of their job over the drudgery of reading a security policy or navigating complex technology. Select the best technology to enable the company’s policy. It’s as easy to be secure as it is to just send a file. It costs one click.

      PrevNext

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×