Often, the need to protect data gets applied in a blanket mode with all data receiving equal levels of protection. While this may sound ideal, in reality it is far from that and can actually add layers of unnecessary complexity to business, resulting in either slowing things down, or introducing shadow IT as employees look to circumvent controls.
Most important in any data-protection project is to take time to understand what data you have, as only then can you successfully know what does or does not need to be protected. However, this is time-consuming, complex and dynamic. As a result, many people use a blanket approach to security because it seems easier than a data-audit. The reality though is that a good data-audit carried out at the start of a data-protection program will pay dividends. For example, why protect accessible PDF files on a public-facing website? Remember that each item being protected carries a cost, and while the cost may be tiny, if it’s multiplied to millions of objects it will escalate.
A second but still important area is to ensure that employees are trained in the importance of protecting their data. Phishing and ransomware are still the most common attack vectors, and in this case data loss can literally start with a mis-directed mouse-click. It is important to run regular training for users on how to spot phishing and why not to download software. These are all simple to do and beneficial beyond work, as employees will share what they learn with friends and family too!
As part of our webinar series on data protection, we will discuss how best to identify data that needs to be protected in your organization, share best practices and what to look for when it comes to end-user attacks.
For related content and to find out how Juniper Networks can simplify and support your data protection strategy, click here.