Plan Ahead: Protect Data

I can’t tell you how many times we’ll get a call from someone looking for help with some sort of data protection or security issue after an event has occurred. This can be any one of a number of different events, ranging from the careless (I left my laptop at a Starbucks and when I went back it wasn’t there) to the sloppy (I accidentally emailed our tax returns to the all-employees mailing list) to the malicious (I think one of my employees wants to start his own firm, and he took all our secret files off the network). Each one of these upsets me in many different ways, but one thing about them all upsets me the most. If we didn’t have systems, controls, and processes in place in advance of these events, there is absolutely nothing we (or anyone) can do.

The data your company owns is the lifeblood of the organization. This can be anything from financial to marketing to R&D data, but it’s what gives you a competitive strategic advantage, and it shouldn’t be shared with anyone you haven’t designated. The problem with protecting it is that protection absolutely cannot be reactive. Data protection has to be carefully planned out ahead of time and put into place in order to be effective.

Let’s talk about the scenarios above quickly. If somebody gains control of your physical asset (phone, laptop, etc.) and it has proprietary data on it, there is no way after the fact to secure and protect that data. If you had planned ahead, however, you could have had the laptop encrypted, or had a mobile device management platform in place that could wipe the contents of the phone. These solutions are simple up front, but completely impossible once an event has occurred.

How about the sensitive file that was accidentally blasted out? Once that unprotected file makes its way into somebody’s hands, there is generally no getting it back. If you protect sensitive data up front, however, you are going to be in a much more comfortable position. In this case, you’d have a lot of options. First, of course, you could simply encrypt all important files and protect them with a password. This should be the bare minimum of what you do. Sometimes, however, even that isn’t enough. Let’s say somebody should have access to a file like that today, but something happens and tomorrow they should not. Or maybe they send it to somebody else who shouldn’t have access. Are you out of luck? Not necessarily. A technology like Information Rights Management (IRM) is “living” information security that follows a document wherever it goes and can change instantly. Imagine being able to pull access from a file that somebody already has, and maybe even has forwarded outside your network. That’s what you can do with IRM.

How about the third scenario above? Well, all the same controls we’ve already talked about would apply, but maybe you are looking for something more. Let’s say you aren’t sure whether someone is taking or moving large numbers of files – you would need some sort of auditing solution in place. The catch, of course, is that you can’t start implementing this after something has been moved or transferred. Once again, you need to have the solution in place before anything happens to ensure you get the answers you need, when you need them.

Information security controls are a lot like insurance. You need to put them in place before something goes wrong, and hope like crazy you don’t need to use them. I realize nobody likes to spend money on something they will hopefully never need, but the alternative is being left completely helpless in the face of some sort of major incident. Don’t wait until it is too late – put a plan in place to protect your most valuable assets today.