A Portrait Of A Data Leaker: How To Spot And Combat Your Worst Enemy

Posted by Anand Kekre on August 6 2015

The biggest threat to your enterprise data isn’t hackers and cyber criminals — it’s your own employees.How To Spot And Combat Your Worst Enemy

That’s according to a 2015 CompTIA survey of U.S. business executives and IT pros that reveals human error is the root cause of 52 percent of data security breaches.

Moreover, end users pose a greater risk to enterprise file security than many executives and technology professionals believe, the information security study found.

How Enterprise File Security Is Breached

As the consumerization of IT continues, enterprise end users increasingly expect full access to corporate data via traditional and mobile devices alike (the average person carries three mobile devices). 

Enterprise users (i.e., your greatest threat to enterprise file security) typically do daily work within a small set of regularly used applications, including email apps like Outlook or a browser-based mail app, productivity apps like Microsoft Office or Adobe Photoshop, and a basic web browser.

Without enterprise digital rights management (DRM), data loss protection (DLP) and other information rights management measures in place, each of these commonly used application types poses a threat to enterprise file security. As end users switch between email, web browsing and productivity apps, the risk that enterprise data leaves the corporate network with any of these apps increases. But this data leakage is almost always unintentional.

The more often enterprise data is copied from place to place, the greater the risk of data loss. Sometimes data that’s meant to stay on a corporate file server is downloaded to an endpoint device so it may be accessed or edited, but the end user never closes the loop by updating the version on the file server and deleting the file from their device. If that device is stolen, sensitive data could be exposed.

The Risk Of ‘Shadow IT’

“Shadow IT” is when technology decisions are made without input from the IT department, and it’s often the cause of inadvertent data compromise. End users uploading and sharing corporate files through Dropbox pose a significant enterprise file security risk because IT lacks control over how those files are shared through the cloud.

Interestingly, despite more than half of the CompTIA survey respondents reporting that human error is at the core of data breaches, less than one-third of those surveyed said they were seriously concerned about human error.

Spotting And Combatting File Security Threats

What’s good about your end users being your biggest threat to file security is that they’re under your own roof. Start by educating your team about how seemingly innocuous actions like uploading a file to Dropbox, connecting to a public Wi-Fi network or forwarding an email outside of the corporate network pose a risk to enterprise file security.

Augment educating your team by ensuring that your enterprise files stay protected even if an end user unknowingly takes an action that compromises enterprise file security.

Enterprise DRM ensures that corporate data is secure and manageable even as it travels outside the enterprise network. Solid enterprise DRM tools allow IT teams to protect enterprise content on end users’ mobile devices, while also providing IT with a full range of access controls that allow files to be rendered useless after a certain date or number of times opened.

Learn more about how enterprise DRM enhances your information security by reading our free report, A Buyer’s Guide To Enterprise Digital Rights Management (DRM): 6 Essential Things To Consider.

New Call-to-action

Subscribe To The Blog