(September 2020) There is no question that the widespread adoption of remote work practices has created additional risk and an ideal environment for cybercriminals. Home office networks are not as closely monitored and secured as company headquarters. In the rush to adapt to remote work, employees often use unsecure apps and personal devices while trying to get their jobs done.
With tens of millions of Americans now working from home due to the pandemic, hundreds of petabytes of data are moving back and forth between home, corporate networks, and cloud providers daily. That increased traffic has resulted in rising levels of data loss and data leakage. In one recent survey, 84 percent of IT leaders said that safeguarding data has become more challenging with a remote workforce.
This challenge is driving renewed interest in Data Loss Prevention (DLP) solutions. These tools monitor user devices, email clients, servers, network gateways, and other entry and exit points and apply controls to safeguard sensitive data. The need for DLP solutions and expertise is expected to grow by 25 percent annually because of the impact of the pandemic and the move toward remote work.
Remote Work is Risky Business
A new Digital Guardian report assesses some of the risks that changing data egress patterns have created. During the first three months of the pandemic, there was a 123 percent increase in company data downloaded to USB devices, and three-quarters of that data was subject to various data governance policies. Additionally, employees uploaded 336 terabytes of data to the cloud during the first month of the pandemic — an 80 percent jump over the previous two months.
Unsurprisingly, cybercriminals have been quick to exploit these shifts. The study reports that there was a 62 percent increase in malicious activity in the first month of the pandemic, along with a 54 percent increase in incident-response investigations.
Data at rest or in-transit is at risk. Data at rest, if not encrypted, can be an inviting target for cybercriminals. Anytime data is being transmitted there is a chance it could wind up in the wrong hands through interception, unauthorized access, or accidental delivery to the wrong person.
Plugging the Leaks
Cybercriminals profit from selling and trading stolen data. Some examples include personally identifiable information (PII), bank account information, and credit card numbers. After cybercriminals gain access to sensitive information on a remote device or corporate network, they typically seek to copy or transfer the data to another location under their control. From there, the stolen data can be further analyzed and exploited. This process is referred to as data exfiltration.
DLP monitors and detects sensitive data in transit using a combination of proven techniques. These include tried-and-true methods such as rules-based analysis and fingerprinting along with recent advances in artificial intelligence. This combination provides more predictive and reliable results while minimizing false positives.
A DLP solution offers two key benefits. First, it quickly identifies unusual or suspicious activities such as data being exfiltrated from your network due to a security breach. Irregularities can be flagged and blocked instantly. Second, it helps prevent confidential information from leaving the organization either accidentally or through the actions of a malicious employee. Such confidential data might include financial information, customer records, trade secrets, credit card numbers, tax documents, and medical records transmitted via email, instant messaging, or social networking sites. DLP is often integrated with other essential perimeter defenses as part of a layered security strategy.
Mainstream Technologies provides DLP capabilities as part of our innovative Firewall-as-a-Service (FWaaS) offering. With this service, Mainstream can help minimize the risk of accidental data leakage or malicious data exfiltration while eliminating the management and support burden on you or your IT staff. Contact Mainstream today to learn more about how DLP and our FWaaS offering can benefit your business.
ABOUT MAINSTREAM TECHNOLOGIES
Since 1996, Mainstream Technologies (www.mainstream-tech.com) has established itself as one of the most respected technology companies in Arkansas. Our team of experienced technology professionals delivers a full range of technology services, including IT Management and Consulting, Custom Software Development, Cyber Security, and Data Center Services. With headquarters and data center facilities in Little Rock, and sales offices in Conway and Bentonville, Mainstream serves public-and private-sector customers across the United States.
IT Business Development Manager
(479) 715-8629 Office
(501) 529-0008 Mobile