When many people think about data security, they think about network and server security – firewalls, anti-virus, etc. In other words, they think about protection against external threats. Given the press attention paid to breaches caused by “hackers,” this is unsurprising. But external threats only make up less than half of what puts sensitive data, documents and files at risk. At its root, data security is a human error problem, and more often than not breaches and leaks stem from problems within a company’s own ranks.
Take the latest healthcare data leak incidents as examples. These incidents were caused by malware-infected USB drives brought in by trusted individuals. And other issues continue to plague that industry specifically, including data being stolen internally, physical mail being stolen in transit, wrong data being sent to patients, unauthorized email access, and 3rd party data centers being breached. But these problem are hardly unique to the healthcare industry. There were 781 major breaches across all industries in 2015 and 783 in 2014. These numbers don’t even account for unreported and undetected incidents. There will likely be more in 2016 by the time the year is over.
Only a small handful of recent breaches could have been prevented by bolstering network security. Continuously ramping up network perimeter defenses will only result in immense costs with steep diminishing returns. Instead, security-minded enterprises should be focusing on improving their internal data security systems like EDRM, EFSS and email attachment link replacement.
Vaultize takes a holistic approach to securing sensitive data, documents and files and can help any organization bring their internal data security processes up to speed. That’s not to say Vaultize doesn’t take security against external threats serious – we just recognize that full coverage is needed if data is to be kept out of the wrong hands. Some examples of how our platform works and use cases for the platform are as follow:
- In case of a network breach, the targeted data becomes useless for the culprit because Vaultize has already encrypted the data on the server and does it again as it’s in transit and when it’s downloaded to a user’s device.
- Automated enforcement policies set up by your IT team or managers allow easy, secure sharing of files by employees and complete insight and control over documents for admins.
- Real-time file access monitoring allows admins to set geo- and IP-based filtering, time-sensitive access windows and other customizable filters to control the flow of data anywhere it goes
- Integration with other network security mechanisms like anit-virius, DLP, authentication systems, SIEM allows Vaultize EDRM to fit in your current security ecosystem
While securing your network’s perimeter is a given for any solid strategy, ignoring the fact that most security incidents come from within is asking to make the front page as the next victim of a costly and embarrassing breach. Rather than continuously building a bigger wall around your data, think in terms of securing each file with encryption and limiting and monitoring how those encrypted files move.
To learn more about how Vaultize can help you and your team meet and exceed industry compliance requirements and prevent costly and embarrassing breaches, please contact our solutions team.
Also feel free to reach out to us with suggestions for blog post and webinar topics – we’re looking forward to hearing from you!