Anurag Kahol, CTO of Bitglass, discusses how businesses can effectively protect sensitive consumer data in a remote-working business landscape.
The last 12 months have proved to be some of the most turbulent in living memory for businesses and consumers everywhere. The ongoing pandemic has forced tens of thousands of companies around the world to fundamentally shift from office-based working practices to almost completely remote-based ones, on a timescale not of their choosing. This unprecedented move has also led to a dramatic surge in cloud usage, as a result of users, devices, apps and data being forced to move off-premises indefinitely. In fact, over half (54%) of all businesses that took part in a recent Bitglass study confirmed that the COVID-19 pandemic had accelerated plans to migrate their workflows to cloud-based apps.
However, what’s become increasingly clear in the days, weeks and months that have passed is that most of these companies were completely unprepared for the challenges that confronted them. In most cases, their existing technology, originally designed and built for on-premises environments, was simply not flexible, versatile or far-reaching enough to protect their new-look, cloud-based remote workforce. As a result, the number of data leaks and breaches taking place has shot up alarmingly, with huge amounts of sensitive consumer data suddenly at risk of being stolen, copied and/or used without consent. With many businesses now openly considering a more permanent move to remote or hybrid office/home working models, it’s imperative that the security they have in place is fit for purpose and able to protect sensitive data wherever it may be. How can this be achieved?
Take the time to understand where all sensitive data is located
Every business should begin by taking an accurate inventory of all the sensitive data it controls. Properly understanding what this data is and where it goes is key to maintaining compliance with local/regional and industry-related data privacy regulations, while simultaneously ensuring customer privacy is maintained. In order to do this, businesses must take the time to closely monitor all of their users, files, apps and online activity, ideally on an ongoing basis, using comprehensive activity logs to pinpoint exactly where sensitive data is located.
Make sure sensitive data can only be accessed via secure channels
In addition to consistently tracking the location of sensitive data, businesses must also limit access to it, along with the storage systems that hold it. This can be particularly challenging for those that utilise cloud services and technologies but haven’t invested in the tools needed to properly secure them. Without those tools, sensitive data can potentially be accessed from a multitude of different devices and applications, putting it at significant risk. Businesses can make use of simple but effective tools like multi-factor authentication (MFA) and single sign-on (SSO) to ensure each user is exactly who they say they are. These solutions can also help limit who is accessing the data at any given time.
With more and more businesses now eyeing a move to the cloud as a result of the pandemic, it’s crucial that they have a clear understanding of data jurisdiction as well as the security challenges that may arise from it. Regional regulations like the General Data Protection Regulation (GDPR) place stringent restrictions on how and when a customer’s sensitive personal data can be stored or moved. In order to adhere to such regulations, businesses must adopt security solutions that provide context-based access control, advanced threat protection and data loss prevention capabilities. A comprehensive security platform that integrates all of these capabilities into a single offering will nearly always offer the most cost-efficient solution, as well as providing numerous ease-of-use benefits. Only once such a platform is in place can businesses be sure their sensitive consumer data is secure.