By Filip Cotfas
Data in motion is exposed to many risks; as data travels, both inside and outside the company, it can easily fall into the wrong hands. Data has grown into one of the most important assets organizations possess. Losing intellectual property (IP), a customer’s personally identifiable information (PII) or financial information can cause substantial damage to companies. Data that needs to be safeguarded exists in three states: at rest, in use and in motion. While it is important to secure data in all its states, data in motion is particularly vulnerable.
Data in motion, also referred to as data in transit, is digital information that is transferred between locations either within or between computer systems. Data in motion can be data sent from desktop to cloud, portable devices or other exit points. Once the data arrives at its final destination, it becomes data at rest.
Data in motion has to be safeguarded not only because a growing number of regulatory guidelines, like PCI DSS, GDPR, HIPAA or SOX, require it in specific ways, but also because unprotected sensitive data can cause damage to a company on several levels, including exposure to possible financial penalties and reputational risks.
Due to the digitalization of businesses and the increased mobility of workers, data travels more and more in order to enable collaboration. Employees often use multiple devices to get their work done, which means that information is being created and shared in diverse ways, across a variety of locations. Sending sensitive information through workstream collaboration platforms like Slack or Mattermost can easily expose it or send it into the wrong hands, whether inside the organization or outside of it. The rise of shadow IT also leads to increased possibilities of sensitive data being leaked, as it can be easily transmitted to persons outside the company.
When in motion, data has to contend with a wide range of threats including human error, network failures, insecure file sharing, malicious actions and more. What organisations need to keep in mind is that the benefits of improved productivity, availability and flexibility shouldn’t come at the cost of security and data protection.
The rest of this article takes a close look at how data in motion can best be protected in order to avoid data breaches.
Identify critical assets and vulnerabilities
Organizations should adopt a proactive security approach that combines classifying and categorizing data with content-, user- and context-aware security protocols in order to effectively protect their sensitive data in every state. Risk assessments should be conducted in order to discover the volume of sensitive data the company holds, the movement of sensitive data, liability costs, the number of users who have access to sensitive data, etc. Identifying industry standards like PCI DSS and compliance requirements like GDPR that apply to them is also essential.
Define a security framework for data
Building a security plan for data in motion is another step organizations shouldn’t skip. This includes defining requirements that will help safeguard data in transit, addressing possible situations that could result in breaches and raising awareness among employees and partners. All employees should be aware of the security risks that could expose the organization to fees and fines due to poor cyber security procedures.
Implement technologies and processes
Implementing processes and systems that ensure the safe transfer of sensitive data is vital in order to prevent data leaks and data theft. Encryption plays a large role in this step and it should be integrated into common business workflows. Encryption requirements should be based on the latest standards, allowing only secure protocols. Email security is also essential since it is a widely used channel for business communication. The best way to ensure that messages and attachments remain confidential is to transmit them through an encryption platform that integrates with existing systems and workflows. To safeguard data in transit against malware attacks or intrusions, network security solutions like firewalls should be implemented. Data Loss Prevention (DLP) solutions usually address the threats data in motion faces from breaches and human error during its transit.
How does Endpoint Protector safeguard data in motion?
Endpoint Protector is a cross-platform Data Loss Prevention solution that helps companies fight against data leaks and data theft. It scans network traffic for sensitive information and doesn’t let critical information leave the organization’s environment. What this essentially means is that employees can be blocked from transferring files that contain sensitive information, based on specific file types, predefined content, file name, Regular Expressions or compliance profiles for regulations such as HIPAA, PCI DSS, GDPR, and others.
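The kind of content-aware check described above can be sketched as follows. This is an added example, not Endpoint Protector's code or configuration; the extension list, the patterns and the names `inspect_transfer` and `luhn_valid` are assumptions made for illustration, and the sample inputs are constructed.

```python
import re
from pathlib import PurePath

# Hypothetical policy values, constructed for this example.
BLOCKED_EXTENSIONS = {".pst", ".sql", ".kdbx"}
# 13-19 digits, optionally grouped with spaces or dashes (card-number shape).
CARD_CANDIDATE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
US_SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: rejects digit runs that only look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def inspect_transfer(filename: str, content: str) -> list[str]:
    """Return the policy violations found; an empty list means allow."""
    findings = []
    # File-type rule: decided on the (case-insensitive) extension.
    if PurePath(filename).suffix.lower() in BLOCKED_EXTENSIONS:
        findings.append("blocked-file-type")
    # Content rule (PCI DSS style): regex finds candidates, Luhn confirms them.
    for match in CARD_CANDIDATE.finditer(content):
        digits = re.sub(r"\D", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            findings.append("pci-card-number")
            break
    # Content rule (PII): plain regular-expression match.
    if US_SSN.search(content):
        findings.append("pii-ssn")
    return findings
```

Pairing the regular expression with a checksum keeps order references and other long digit strings from blocking legitimate transfers, which matters when a rule sits in the path of everyday collaboration traffic.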
(The author is the Channel Manager – SAARC, Japan, Northern Europe at CoSoSys)