Where is your Corporate Data Located?
How secure is it?
If you don't know where your data is located how can you secure it? A major goal of BeCloud security audits is to help customers identify where critical data is located and if it should be controlled and audited. The majority of cybersecurity breaches that occur today encrypt company data preventing legitimate use. The data sitting in corporate IT systems must be identified, secured, and backed up. Below we list common places where corporate data is stored:
For this discussion, endpoints include laptops, desktops, tablets, and smartphones.
Corporate email and business documents can easily be compromised. How can you stop users from forwarding confidential information? How can you prevent disgruntled employees from deleting data? How can you meet regulatory requirements and legal holds?
Data can be managed by implementing data controls and data lifecycle management polices. BeCloud can implement data lifecycle management and data controls but they must be turned on and configured. Most options are not enabled by default.
2. Local or Cloud Servers
The most common place for data is in the cloud.
At the very least your email contains confidential information. How can cloud-enabled email such as Microsoft Office 365 send secure emails? What data is stored in Dropbox and is it encrypted at rest and in transit? What permissions are set on local documents and are they audited and archived to meet corporate policies? What is your backup plan for the data?
Data can be managed in the cloud or on-premise. BeCloud has experience with third party utilities for securing email. We can audit data lifecycle management and data controls to identify any inconsistencies and our SecureIT option utilizes AI to alert us of data access anomalies.
3. External Hard Drives or Memory Cards
Businesses can experience loss of data and network breaches due to USB drives.
We recommend limited use of external drives and memory drives. An all-out ban on USB storage devices is even better. Disk encryption and access policies can be enabled on the devices, but physical access control makes external drive use problematic.
4. Contractors and Consultants
A larger business has external suppliers, contractors, and consultants with access to corporate data.
Controlling data access involves continual maintenance. Who is responsible for monitoring and auditing permissions throughout the data lifecycle? Do you have an NDA in place?
Becloud's ManageIT and SecureIT programs can help. We manage the data lifecycle from beginning to end through regularly scheduled audits and monitoring programs utilizing Artificial Intelligence.
Does a preventable data breach invalidate your insurance?
Schedule your comprehensive audit today