Collaboration between employees is a critical part of business success and a key driver for increasing competitiveness and productivity. If you are using enterprise collaborative environments from Microsoft SharePoint to file shares, or even social platforms, it is important to acknowledge the potential for a data breach. You do not want to find yourself in a position where you are scrambling to retrofit security measures after a breach.
What does a breach look like? Breaches can take many forms, from innocent “whoops” moments such as an employee accidently emailing a document containing confidential information to an unintended third party or mistakenly posting a file with employee social security numbers to a public facing website. Breaches also have a darker side, from a staff member looking to misuse customer or patient information for their own gain, to a disgruntled employee walking away with your intellectual property (IP).
If you are storing, accessing and exchanging content through SharePoint or file shares, you need to consider how best to balance collaboration with information security. Our latest whitepaper, 22 Do’s and Don’ts of Enterprise Collaboration offers a collection of 22 tips to ensure your organization practices secure collaboration to maximize productivity and minimize risk.
Here’s a look at three of the 22 do’s and don’ts covered:
1. DON’T Leave Policy Enforcement up to the Individual.
Most breaches, 75% according to a Forrester study, are the result of employee mistakes not outside threats. Security is one of the most complex features to teach a non-technical user. If you expect your non-technical users to manage and apply policies for content security, you’re leaving the door open to human error. Use a third-party tool that takes the onus of policy enforcement off the employee and the IT administrator and reduces the threat of internal breaches.
Purchasing a solution, and never implementing it because you have too many other projects on your plate or it’s too complicated or expensive to do so, will not protect you from breaches. Nor will telling an auditor in the event of a breach that you have a solution, when in reality it’s just “shelfware,” to insulate you from sanctions. You need to worry about your data and take steps to protect it. That means making a commitment to deploying and actively using technology purchases.
3. DO Secure Content at Rest and in Motion.
Scanning content at rest is important, but collaboration means content is often in motion; it’s being created, published or emailed. You need to ensure that all content is being monitored – whether at rest or in motion – to identify issues, apply classifications and controls, and prevent breaches and policy violations in the first place.
HiSoftware were signed up as silver exhibitors for ESPC14.
