Most organizations invest significant time and resources into protecting their network and information from hackers. But not all threats are external.
With 35% of all crime committed by insiders, and one-third of data leaks coming from within an organization, holistic protection of your documents and processes has never been more vital.
Regional Business Information and Services Manager, Mohamed El Bahrawy at Canon Middle East uncovers strategies to protect your organization’s data.
A: There are many reasons why it’s essential to create secure workplaces, but one of them is ensuring complete governance of your information.
If this is compromised, you may be vulnerable to exploitation, loss of intellectual property and competitor vulnerability, and even legislative breaches. The European Union’s General Data Protection Regulation means that organizations have strict obligations for privacy control.
Where do we start with protecting our business-critical data?
A: Before you get caught in the complexity of your data, undertake a data mapping exercise. This will give you a holistic view of the critical information held on your business – your organization’s data footprint.
There are four steps to this process. The first is to define the type of information you hold within your organization. The second is to classify that documentation in terms of sensitivity. If this material were readily available, would it cause a breach of confidentiality? Would it undermine the integrity or security of your organization? Would it put you at a competitive disadvantage?
The third is to identify where that data is stored and who interacts with it. Then analyze the results to see just how much sensitive material you have, and what your risk level is.
A: There are a number of strategies you can employ. In an office, for example, you may use secure release technology which requires users to identify themselves at the device before accessing features. Canon user authentication methods include pin-code, password, contactless card, and biometrics.
Your security risks can also be increased by employees who use personal devices for business reasons. This can make you more vulnerable to phishing scams or password compromises. Employee awareness, combined with policies and procedures, can reduce the volume of potential attacks.
What size businesses are at greatest risk of data theft?
A: Let’s look at multi-function device users, as an example. Organizations operating more than five multi-functional devices can face a broader range of information security challenges. Migrating from stand-alone devices to more feature-rich and capable networked devices can leave you vulnerable if you don’t secure your devices.
How do we do this?
A: Start with your office. It’s the weakest link in data security governance. People create their own applications and data repositories. Documents are printed, scanned and shared. And all of this is generally done outside of the control of your IT team.
So to protect your data, you need to create a data-safe print and scan network.
Isolate office equipment, and their print and scan functions, from the general office network.
You can do this via a virtual private network using Canon secure network print and scan software. This effectively creates a divide between the operation of your office equipment and your network, making difficult for business-critical data files to be shared.