Data security and privacy were named as top issues for 2019. Data loss prevention requires a comprehensive strategy to identify, protect and monitor sensitive information. As most organizations do not 100% know what data they have stored (often over many years and staff changes), who has access to it, and what users can and are doing with the data, this is a blindspot.
Data loss prevention is required to meet compliance requirements, but it can also help organizations to:
- Protect intellectual property (Proprietary formulas, application code, responses to RFPs, client lists, etc.)
- Enforce acceptable use policies – you may say in your policy that data cannot be copied and taken offsite, but how do you monitor and enforce this?
- Prevent data theft and accidental data loss – Technology can be used to make it impossible for users to move and/or delete protected data.
Where is data leaking from? Armarius Software provided this breakdown:
The known cases of data leakage and the resulting damages are just the tip of the iceberg. BlackRock Inc. inadvertently posted sensitive financial documents online, exposing data on over 20,000 advisors. Foresite worked with a hospital who was fined over $2M when a former physician copied patient records to share online with research colleagues without knowing how to secure them. Disgruntled employees can exist in any organization – what kind of damage could they do in yours?
Foresite and Armarius address this topic in more depth, review joint case studies, and answer questions on how we can work with you to identify, protect and monitor sensitive data to avoid exposure.