By Oded Valin, Director of Product Management
Despite their best efforts, files that contain the most confidential information are popping up in unwanted places and enterprises are left scratching their heads about how to prevent further data leakage. In the last post – we looked at three of five advanced technologies that should be included the next generation of encryption servers and secure file transfer solutions. Here are the final two.
Segregated, tamper proof auditing disassociated from the content: Issues arise for traditional secure file management approaches when a trusted team member turns bad, a la Edward Snowden in the case of the recent NSA breach. What to do when someone with privileged access turns bad and their access allows for tampering with the audit trail of their activities? It is essential that every activity be monitored, recorded and nobody, not even the administrator, is able to change audit trails even if the files were deleted a year ago. This audit trail should be securely kept for many years in order to comply with any number of compliance mandates, including PCI DSS, SOX, HiPPA, FISMA, GLBA, NIST 800-53, ISO 27001 and 27002.
360 degrees of protection with mobile: To make workflows more efficient, enterprises want to enable their employees to work beyond their desk through mobile computing. The productivity benefits are well established, yet new risks of exposure are introduced when dealing with confidential data. Mobile devices can be stolen easily and are more exposed to client-side attacks including malware running in the background. For example, a financial field agent should only be allowed to show a confidential report on his mobile device, not move it out of the secure mobile app, making sure the content is really for a customer’s eyes only.
It is time for enterprises to look past secure file transfer as a compliance check-box and start thinking about how to empower employees to do their work without creating more of a security risk. There have been significant advances in this area that should be viewed as the new standard for protecting confidential information.