The off-boarding process is seemingly straightforward: the departing employee returns all company property, including laptop, mobile device and building access card. However, that person could be walking out the door with something far more valuable: your data. And without the proper precautions in place, you won't know until it's too late.
Because cloud-based technologies are scalable and convenient, many organizations have made them a central point of business operations. Solutions such as Salesforce started off as a CRM but have grown to manage the workflow and data of an entire organization. As a result, employees have access to a bevy of sensitive data, such as detailed customer, prospect, ordering-system and financial information.
A white paper from Osterman Research revealed that 69 percent of organizations polled cited data loss when an employee left their organization. In some incidents employees do not intend to take data out the door, but some former employees are looking to gain a competitive advantage in their future endeavors.
Protecting your organization's data takes a multi-layered approach. Here are six ways to proactively secure it.
1) Determine where your most sensitive data is
It is most likely that your organization uses multiple applications, third-party partners and an expansive workflow. Your data is probably not contained within a few secure systems. Conduct a comprehensive risk assessment to understand where you need to focus your security strategies. Knowing where your data is located and who has access to it will give you a foundation to build upon with other security tools and data protection strategies. Below are some questions to answer:
- Who controls database access?
- What regulations/laws do I need to comply with?
- Who has access to what data?
- Is my data secure when it's not in use?
- What sensitive data does my organization store, use and transmit?
- Is my data secure in transit?
2) Policies and procedures
Data security is every employee's responsibility, so create a transparent and explicit data security policy. This will help keep employees accountable for securing your sensitive information. Below are a few essential topics to cover:
- Password Protection – Maintaining strong password protection for your internal systems will help prevent breaches. Of confirmed data breaches, 63 percent involve using weak, default or stolen passwords.
- Data Privacy – Make sure your employees are fully aware of the laws they must comply with when handling your organization's or customers' data.
- Email Usage – Ensure that your employees are trained to thwart social engineering tactics. The majority of cyber-attacks originate from insider threats accessing a malicious email.
- Mobile Devices – Creating a mobile device policy that requires employees to use password protection and follow secure usage practices will reduce risk.
3) Application monitoring
When you have determined the location of your most sensitive data, monitor WHO is accessing it and WHAT they are doing with it. With the growth of cloud-based apps such as Salesforce, company data is often easily accessible within the application. Defending against insider threats requires monitoring user activity and using behavior analytics that provide insights into where, when and what insiders are doing. Gaining insights into your business-critical applications allows your security team to be proactive in detecting, investigating, mitigating and remediating security incidents. Monitoring technology lets your organization trust your employees while verifying that they are not violating your acceptable use policies and putting your organization at risk.
For example, if a departing employee is exporting large amounts of company data from Salesforce, your security team can isolate the incident and prevent data loss or even a full-blown breach.
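The export check described above can be sketched as follows. This is an added example, not code from the original article or from any vendor: the log format, column names, user names and thresholds are all assumptions, and the sample data is constructed. It compares each departing user's export volume after notice against that user's own earlier baseline.

```python
import csv
import io
from collections import defaultdict
from datetime import date, datetime
from statistics import median

# Constructed sample data. Column names are assumptions for this example,
# not the schema of Salesforce or any other product.
EXPORT_LOG = """timestamp,user,object,rows
2024-03-04T09:12:00,alice,Report,120
2024-03-11T10:01:00,alice,Report,150
2024-03-18T09:45:00,alice,Report,90
2024-04-02T18:40:00,alice,Account,48000
2024-04-02T18:55:00,alice,Contact,52000
2024-03-05T11:00:00,bob,Report,300
2024-03-19T11:30:00,bob,Report,280
2024-04-02T11:15:00,bob,Report,310
"""
# Constructed off-boarding list: user -> date notice was given.
NOTICE_GIVEN = {"alice": date(2024, 4, 1), "bob": date(2024, 4, 1)}


def daily_rows(log_text):
    """Sum exported rows per (user, day)."""
    totals = defaultdict(int)
    for rec in csv.DictReader(io.StringIO(log_text)):
        day = datetime.fromisoformat(rec["timestamp"]).date()
        totals[(rec["user"], day)] += int(rec["rows"])
    return totals


def flag_departing_exports(log_text, notice, factor=10, floor=1000):
    """Flag days on or after notice where a user's export volume exceeds
    both an absolute floor and `factor` times their own earlier median."""
    totals = daily_rows(log_text)
    alerts = []
    for user, notice_day in notice.items():
        history = [n for (u, d), n in totals.items() if u == user and d < notice_day]
        baseline = median(history) if history else 0  # no history: floor only
        threshold = max(floor, factor * baseline)
        for (u, d), n in sorted(totals.items()):
            if u == user and d >= notice_day and n > threshold:
                alerts.append({"user": u, "day": d.isoformat(), "rows": n,
                               "baseline": baseline})
    return alerts


if __name__ == "__main__":
    for alert in flag_departing_exports(EXPORT_LOG, NOTICE_GIVEN):
        print(alert)
```

The per-user baseline keeps a routine exporter such as the constructed user bob from triggering an alert, while the absolute floor covers accounts that have no export history to compare against.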
4) Physical security
When an employee departs your organization, physical access to your network should be cut off immediately. Multi-layer authentication, requiring both a password and a physical token, to gain access to technology and organization perimeters provides an extra layer of physical security.
Put a well-defined sanctioning policy in place. Specific penalties should be defined for those who violate your Acceptable Use Policy. Tell employees that their activity is being recorded through monitoring technology and that they are held accountable for any misuse of the organization's resources.
There are two ways to view employees: they are either your greatest vulnerability or your best line of defense. Implementing a culture of security and accountability will help secure your organization. Training on your acceptable use policies, monitoring technology, current cyber threats and sanctioning will aid in defining a strong culture of security.
Keeping Your Data
Departing employees sometimes take more than their favorite stapler with them when they leave. To protect your organization against insider threats, monitoring employee access to and activity within your network is essential. This enables you to act quickly when you detect suspicious behavior. User activity monitoring must be a part of a comprehensive approach to data security today.