With so much attention placed on protecting corporate infrastructure from external threats, it often comes as a surprise to IT leadership that over 40% of data loss is the direct result of internal threats. While we must generally think of our employees as trusted individuals, their mishandling of data -- both intentional and unintentional -- is a tremendous risk in the world of IT security.
The situation is not helped by the changing ways workers are interacting with and handling data. The Bring Your Own Device (BYOD) movement has made employees lives much easier, now that they can perform work duties in ways that before were difficult and in places previously unreachable. But at the same time, BYOD has also introduced far more ways for data to leak out of IT's protective hands.
As a result, IT administrators must begin to think more seriously about internal machine-to-machine transactions -- and how they pose as much of a threat of data loss as employees do. The Internet of Things (IoT) will undoubtedly increase the risk of machine-account theft and usage. Adding to the risk is the fact that machine-account security standards are far less secure when compared with employee user accounts.
Needless to say, simply preaching about employee education and patch management won't quite cut it in today's ever-growing problem of data loss, which, along with associated downtime, costs enterprise organizations around the world $1.7 trillion a year. IT security, with IT leadership championing the effort, must move well beyond the basics.
The following pages present 10 different ways your organization can help reduce the risk of internal data breaches. Most enterprises have likely implemented one or more of these security practices. But there might be some methods listed that many may not have thought of or seriously considered.
Take a look and tell us what you think of our list. Are there other data security measures that your organization uses? Let us know in the comments section below.