The Dark Days of Summer for IT: Securing Traveling Company Data

By Frank Kenney | Jul 13, 2010 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/dark-days-summer-it-securing-traveling-company-data
This summer, many employees will be answering emails and exchanging PowerPoint presentations or Excel documents with sensitive company information from hotel rooms, backyard BBQs and beach chairs.  While new technologies provide both companies and employees with immense flexibility, they can become a security nightmare for IT departments.  

A recent survey of IT executives at RSA found that nearly 90 percent of respondents admitted to using thumb drives or other external devices to move work-related files – posing a huge security risk to organizations, as they're far too easily lost or stolen. 

Companies need to create and enforce secure file transfer policies in order to protect business-critical data in the office – and on the road.  Here are five steps companies need to take to safely manage the exchange of sensitive information:

Establish rules.  Create policies around the portability of data, and clearly communicate it to all employees – with frequent reminders.  

Enforce policies.  Managed file transfer technologies with adhoc functionality help enforce data usage and transport policies such as encryption, access control and authentication. In addition, content management, DLP and filtering technologies help to manage and monitor all files and attachments.

Reward good behavior.  Incentives to do the right things work extremely well when trying to change culture and processes.

Impose repercussions.  Once an employee has been educated and reminded of company policies, take action when policies are broken.

Accommodate mobile and portable devices.  Like it or not, they're part of our business. Products from Apple and Google will continue to provide ways to access corporate email and resources. And almost every device can become a USB memory stick. It's best to provide an approved approach for moving large files that's consistent with company policy, but easy to use – like browsers, email clients or drag-and-drop.

Applying these five steps will provide the protection companies need to keep sensitive information safe – and employees productive – all summer long.