I live near an intersection ruled by four-way stop signs. Driving through it often becomes an awkward experience. Some people stop for longer than necessary, disrupting the usual order while gesturing for other drivers: “No, you go.” Others blow through the signs entirely, occasionally causing an accident. Depending on the day, this intersection can lead to funny moments, frustrating exchanges and dangerous scares when drivers misunderstand or disregard the rules.
When I talk to business leaders about the relationship between their security and IT teams, they sometimes sound like they’re describing a four-way stop. Projects get stalled because one side waits for the other to take the lead, or one team acts like an aggressive backseat driver and a rift starts to form. And just like the serious consequences you might encounter when a driver runs a stop sign, the company’s data security can suffer if security and IT folks aren’t on the same page.
In today’s threat landscape, the two teams need to collaborate if they want to protect sensitive data – period. Traditionally, IT was responsible for the internal infrastructure and worried mostly about physical data threats, while security pros focused on the perimeter of an environment and worried about unauthorized users and stolen information. Now both teams need to work together to adequately manage and protect data. If it feels like your team is endlessly stalled at an intersection, try asking the below questions to both IT and security. (For best results, challenge them to work together on the responses.)
What data do we have in our system?
Over time, any company accumulates data: files, folders, directories, even entire virtual machines. It can be tough to keep track of the full range of information at your company’s disposal, and tougher still to maintain visibility into exactly what that data contains. A spreadsheet containing employee contact information or financial records presented at a quarterly meeting might seem like harmless internal documents, but if they’re exposed to the public during a security attack or instance of data theft, those documents can lead to legal headaches, fines, damage to the company’s reputation and lost revenue.
Can we map the activity surrounding our sensitive data?
The above example, which involves security as a reactive measure, is a necessary move for nearly any company – and it results in those misplaced financial records and personally identifiable information (PII) getting moved to a secure location. However, it’s equally important for security and IT teams to focus on implementing protective actions in real time. By conducting user behavior analysis and building audit trails, teams can better understand the contents of data, monitor user activity and take action as soon as abnormal activities occur.
Who is authorized to access our most critical files?
Knowing who within the company has access to sensitive files is key to implementing successful security measures. According to the Ponemon Institute, 75 percent of data breaches are caused by malicious or careless behavior from employees. To proactively avoid data security incidents, protect employees and customers, and defend your organization’s reputation and business, it’s important for security and IT teams to keep a close watch on who has access to what. Restricting access to sensitive data so it doesn’t fall into the wrong hands and reviewing user permissions on a regular basis are the first steps. By limiting the amount of people who have the power to interact with (and potentially expose) the company’s most critical data, both teams can align their efforts to reduce security risks.
Sensitive data protection is only one piece of the data protection puzzle. It is a good place to start because it’s tangible and the results are measurable. When security and IT teams are working in tandem to discover the five W’s about the company’s data (who, what, when, why and where), both sides can prepare to fight threats while improving the organization’s bottom line.