The frequency and destructive nature of enterprise data breaches have become an unfortunate reality, and the pressure is on for the cybersecurity industry to help organizations mitigate the damage. At this week’s Infosecurity Europe, several members of the SailPoint crew had conversations with IT and security leaders of Global 5000 organizations. Key themes came up that are a good reminder for all of us:
- Data access governance plays a key role in ensuring that organizations keep their crown jewels – intellectual property, customer data, financials – safe from prying eyes. When a data breach occurs, the end goal is usually theft of sensitive data that the enterprise holds. If an organization has not governed access to data well, especially unstructured data stored in files, it will take time to find the source and stop further leaks. IT security professionals today have a difficult balancing act on their hands to get the right mix of security and convenience. When it comes to unstructured data, the scales are tipped so far towards business agility and convenience that IT often has a hard time reining in access without triggering a user revolt. Achieving security that is on par with convenience doesn’t need to alienate users, however, so long as you pick the right tools, keep users involved in the process and maintain a mindset that identity is everything.
- The rise of ghost accounts (or orphaned accounts) in the cloud highlights the need for organizations to have a comprehensive view of access inside and outside of their network. With the number of cloud applications growing, and more stealth and shadow IT platforms being introduced, organizations are stockpiling credentials and entry points with little control over access or the data inside them. An increase in ransomware and malware attacks, as well as the continued risk of insider threats, means these accounts can be hijacked, putting sensitive data at risk. Orphaned accounts have always been the “low hanging fruit” for identity controls, and the cloud is no different.
- New GDPR regulation requires significant changes in how customer data is protected. In order to comply with the requirements of GDPR, existing security models will have to evolve. A transition from prevention-only outlooks to detection and remediation methods is necessary to accommodate the new legislation. While the law only applies to EU citizens’ data, any company that operates in the EU must comply, regardless of where the data is stored, creating a global impact.
Our time at Infosecurity Europe 2016 reinforces what we already know, that data breaches aren’t stopping any time soon, and new regulations will have an immediate impact on how enterprises operate now and in the coming years. As security vendors, we must continue to innovate in an effort to help Global 5000 organizations protect sensitive enterprise data from theft as hackers continually turn their sights on the human vector as a means of entry onto corporate networks and cloud-based applications all over the world.