How do you secure data in this ever-evolving business environment?

Data & AnalyticsBusiness IntelligenceSecurity & GRC+2 more
6.9k views1 Upvote3 Comments
CTO, 10,001+ employees
One of the things I talk about is the last-mile experience and last-mile security. Both are very challenging when people work from home because you don't have the access to do it. Everybody's coming up with creative ways to measure the last-mile experience. And same thing with protected last-mile security. In this way, we believe network security will become much more critical for the site. And data leak prevention (DLP) will be very critical. Many companies were playing around with the DLP. Not enforcing it. Now they're looking at completely enforcing DLP. We have talked about BYOD for many, many years now. The BYOD is real now because the devices in your home expand the IOT. It doesn't matter whether it's your device or not, because you don't have control over it. Anything can happen on the device there, and so you need to change all of your security posture to account for that. And not just computer security, right? Normally at work, we have a confidential bin. We have secured printers. HR and Payroll have their own secured printers. There is no secure printer at home. There is no confidential bin... What do people do once they print it? Who's monitoring those things now? How do we make sure nobody is printing it and leaving it in the trash bins? At work, you can enforce it. You have a place to do it there. Even those kinds of things are coming up.

One of the biggest risks is LinkedIn. People can go on LinkedIn and figure out who is doing what, and addresses can be easily found on the web. So, your house is not secure at all. Easily somebody can get access to your devices. They know how valuable devices are sitting at home. So you encrypt the devices. There's a slew of things you have to do, including multi-factor and Sl. The companies that have done it, it's good. But some have not done it, like a lot of fintech companies because they used to work only within the four walls. All controls were in the four walls, not the device itself. Now we need to move all this into the security transaction level, application level. You have to up the security level. So there's a lot more opportunity and creativity, and companies are working on this. It is very critical to do and focus on this last-mile security.
Innovation Technologist in Finance (non-banking), 1,001 - 5,000 employees
A big piece to me, is how you make sure employees understand that they can be hacked. They should be aware of the fact that it is very easy now for someone to go into your bin at home and pull out what you might have printed out. So how do you ensure that employees actually start to get what the concept of security is... and that actually, they own that. There is a certain amount of ownership that the employee has to take up. But what worries me more is countries that are actually trying to get into other countries' secrets. All the work that's going on in the biotech field, for example—that is very valuable information. So how are companies like Pfizer dealing with it? They have their entire ecosystem locked down without any connections to the internet. That's the kind of security that they have to go after. AWS is not even enough, which has great security by the way. I'm not picking on them. Any cloud provider has upped the game, but companies will have to think about what kinds of documents they need to keep away from the internet. Computers with that information should not even have any connection to the internet. How do we keep executive level information, secrets of the company, and patents and developing patents out of the hands of the guys that want to get it? I think  the CISOs at every company will have to start to think about these things.
2
CIO in Services (non-Government), 501 - 1,000 employees
You have to get the basics right. If you're in an old organization, that probably means gutting lots of old ways and systems so security is systemic and "easy."
1

Content you might like

What is the most important factor while choosing an external data center?

Data & AnalyticsBusiness IntelligenceData Management

Elastic cloud capabilities22%

Price49%

Regional presence18%

Partnership with cloud vendors7%

Other (please comment below)1%


572 PARTICIPANTS
2.8k views8 Comments

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
44.8k views132 Upvotes322 Comments

CIOs, What is your digital transformation priority for this year?

Applications & PlatformsCloudContact Center & Telecom+5 more
Chief Data Officer in Travel and Hospitality, Self-employed
Data & Analytics
Read More Comments
2.9k views1 Upvote6 Comments

Do you have policy and procedure governing electronic communications, including chat channels/mechanisms such as We Chat or WhatsApp and Text messages given DOJ guidance to include third party messaging apps as an area to regulate? Are employees forbidden from using unapproved electronic communications channels or are you providing corporate accounts? Do you offer training? Do you monitor communications and audit compliance? Do employees acknowledge compliance with approved communication channels? What is retention period on communications?

Collaboration SolutionsData PrivacyRegulatory Compliance
625 views

If you have a smart TV, are you personally concerned about its listening capabilities (with regards to the potential privacy risks)?

Data PrivacyThreat & Vulnerability ManagementCulture & Values

Yes82%

No18%


109 PARTICIPANTS
290 views