As I was reading Ponemon Institute’s most recent report on data protection and information security, “Closing Security Gaps to Protect Corporate Data,” I was struck by the study’s most significant finding: 3 out of 4 companies have experienced loss or theft of important data. Three out of four?! That means that at recent meetings I’ve attended with other CEOs and corporate leaders that almost everyone has faced this significant challenge to their business and reputation! And that’s companies of all sizes, not just the big guys you hear about in the news. How did we get to a place where data insecurity is the norm?
To start, the pace of business today requires information to flow quickly and efficiently to those who need it to do their jobs; we need the data now! This critical flow of data is expedited by the rise of cloud collaboration apps like Office 365 and Google Apps. Now Jim in Finance in Boston can access key customer purchase data from Susan in Operations in Chicago, and Diane and George in Patient Accounts can work together on a report that shows a correlation between account delinquencies and insurance providers. In fact, Ponemon found that 88% of end users say their jobs require them to access and use proprietary information. If everyone’s doing it, it must be ok, right? What could possibly go wrong?
Well, we all know the answer to that. Now that the data is so easily accessible, it’s also easily abused. And usually not with malicious intent. In fact, Ponemon found that it’s more than twice as likely to be due to innocent employee behavior than a crafty cybercriminal. A simple user error, like uploading a sensitive file to the wrong folder in Dropbox, can result in the accidental disclosure of client data, trade secrets, and even health records. So aside from removing all access to the cloud or firing all employees, what can you do to protect your company?
Cloud Access Security Brokers (CASBs) are the answer. This new segment of cloud security products provides visibility into the use of those collaborative cloud apps that, unmonitored, can wreak havoc with your company’s confidential data and reputation. CASBs can tell you who is using which apps and on what devices, even if they’re outside of the corporate security perimeter.
But that’s only half the equation. To be truly confident in your cloud security and determine if you are at risk, you need to know what data is being shared too. Is it credit card or social security numbers? Patient case info? Proprietary development code? To answer that you need a CASB with audit and control features that use cloud-native APIs to see deep into the shared data. Our CASB product, Cloud Access Monitor, provides these critical features, with APIs to Office 365, Google Apps, and other popular cloud collaboration apps. So you can detect suspicious data behavior before your company becomes another statistic.
Want to see how a CASB can protect against innocent insider security mistakes? Watch our brief video tour of Cloud Access Monitor in action.