Over recent times there have been many damaging data breaches. The result is that protecting sensitive information is now viewed as having a very high priority across many organizations.
The potential costs that can be incurred, including legal penalties, damaged reputations, and lost customers are so high that to lay the entire responsibility of data security on the IT department is to bury the corporate head in the sand. It is imperative that the problems are addressed across the entire organization.
One of the difficulties is that businesses exist within an ever changing environment. Security solutions applicable to the old system need to be re-addressed as we move to new ones, particularly those that involve modern policies such as “Bring Your Own Device” (BYOD) and cloud computing which add whole new layers of complexity.
It is not only the internal environment that is changing; the external one is too. There have always been external threats to security, but these are continually getting ever more sophisticated; today’s hackers are very smart, and there is a continual cat and mouse game played between those who develop the secure systems that we rely on and those who are determined to undermine them.
There are also threats from within organizations that result from employee error or even malicious acts; the failure of internal policies; and the failure of equipment and processes.
Today’s business world is a highly collaborative one. Many organizations have discovered the many synergies that can arise when they work together, and are more willing to work with third party service providers. The result is that sensitive information is shared across these organizations. Effectively this creates a highly extended enterprize which consists of present and past employees as well as third parties. There is evidence that around 50% of all security incidents occur as a result of this, and although the majority of them are due to human errors or system failures rather than to malicious acts, the repercussions can be equally serious.
It is apparent that today’s businesses are facing security threats from many different directions and they are increasing at a significant rate. While in the past the biggest threats came from outside the organization, today as employees work in areas that are neither monitored nor controlled by IT, for instance BYOD, social networking and cloud services, the potential for security breaches is hugely amplified.
Some organizations are reversing the BYOD trend and blocking access from personal devices, however there is considerable evidence that this only exacerbates the problem as employees continue to use their devices but do not inform IT.
There are solutions. For instance the Mimecast Unified Email Management and Data Archiving System integrates across all data repositories including personal devices, Sharepoint, Lync messagingand cloud based services such as Dropbox and Box. All incoming and outgoing email is archived and archive email can be accessed by users from any device, including mobiles, thus removing the need to store any data locally and greatly increasing security.