The Last Mile: Security at the Edge

Jeff Capone is the CEO and Co-Founder of SecureCircle, a leader in unstructured data security focused on data access governance and data loss prevention.

The last mile isn’t only a headache for telecom, Internet and cable – it’s also a critical issue facing cybersecurity professionals in organizations everywhere. While communications providers are wondering how to effectively get the services out to end-users, CISOs and other cybersecurity professionals have a very different problem: how to secure the data that has left their organizations and is now in the hands of employees and others.

The realities of enterprise computing today have turned security best practices on their head. Gone are the days when companies could rely on a well-protected perimeter and traditional data protection and access control technology to keep organizations safe. The proliferation of BYOD devices in companies, cloud-based apps, and a focus on computing at the edge are making it harder than ever for security executives to protect their data in today’s perimeter-less environment. And when the data goes out to the laptop, mobile or other employee devices, the control over data becomes greatly diminished.

Cybersecurity professionals are facing other challenges as they try to secure data at the edge:

  • You can’t depend on users. Employees’ primary focus, understandably, is on getting their jobs done effectively, so security typically becomes an afterthought. Any security measure that requires users to take action, such as opt-in requirements, is going to fail. Similarly, if a solution makes it difficult for employees to work in the way in which they are accustomed, they’ll typically find a way to work around it. Some organizations are focusing on behavior changes to change this mindset, but it’s a huge undertaking that is difficult to implement and enforce.
  • The old ways just don’t work. Organizations used to be able to depend on the perimeter to keep internal data safe, but now cloud computing has made this first line of defense more porous. Some companies are using legacy second-line-of-defense tools such as DLP, IRM and file encryption to address these issues, but those tools were not designed for that purpose. Other technologies, such as Information Rights Management solutions, have not been able to address the first line of defense problems such as malicious or accidental insider threats.
  • Threats come from everywhere. When companies think of cybersecurity breaches, they typically focus externally. It seems like we are besieged with cyber threats all the time – advanced persistent threats (APT), ransomware, and malware such as viruses and trojan horses. Hackers have been hitting government institutions like the Democratic National Committee (DNC), social media such as Facebook, financial institutions like Equifax, retailers like T.J. Maxx, and more. Threats are everywhere.

Ironically, there are almost as many internal threats as external. According to Intel, 43 percent of data breaches come from internal causes. While some internal breaches might be willful acts from disgruntled employees or others, many are unintentional. This type of breach could come from employees accidentally sharing confidential information or sending an email to the wrong person. Some employees may be hacked, succumb to phishing attempts or have devices that are infected with malware.

  • What happens to derivative works? You may have information safe and secure in a file, but what happens when the data contained in it gets cut and pasted into other files? It’s too easy for employees to copy information from a document to a PowerPoint, email or other formats, leaving the data unprotected.
  • How can you protect your data once it leaves the organization? Even if you purposefully share data with third parties, it is still vulnerable. How do you know they will keep it secure?
  • The stakes have never been higher. As government and industry regulations are more focused on safeguarding individual privacy, companies are required to provide greater security and oversight. Some regulations that companies must adhere to include: General Data Protection Regulation (GDPR), a European regulation which may have impact beyond Europe’s borders; the Health Insurance Portability and Accountability Act (HIPAA) in the healthcare industry; the Gramm-Leach-Bliley Act (GLBA) in finance; and the Payment Card Industry’s Data Security Standard (PCI DSS) in payments. With steep fines and potential negative fallout facing organizations that don’t adhere to these regulations, compliance has never been of greater concern.

What’s next

Given the many cybersecurity issues caused by computing at the edge, what should you do? First of all, you shouldn’t depend on the perimeter or firewall, since they no longer offer the protection you need to keep data safe. Instead of thinking about securing a device or a location, think about securing the information itself. The data will travel, it may inadvertently be shared, or it may be on a device that ends up getting hacked. No matter where it goes, no matter the file format or location – inside or outside the organization – it must be protected.

Also, make sure your cybersecurity practices don’t depend on human intervention, and that they don’t interfere with the way employees do their jobs. No matter how good a security practice is, if it doesn’t get implemented, it can’t work.

Computing at the edge brings greater mobility, flexibility, convenience and other benefits to organizations, but at the same time, poses greater risks for cybersecurity professionals. By planning cybersecurity practices thoughtfully to secure the data itself, you can protect it at the edge and anywhere it goes.

About the author: Jeff Capone is co-founder and CEO of SecureCircle, a leader in unstructured data security for cloud-first enterprises. Jeff can be reached at jeff.capone@securecircle.com, at 408-827-9100 or via LinkedIn.