Digital collaboration apps have exploded in use over the last several years. And the move to remote work in 2020 only added fuel to the fire.
As companies roll out tools such as Microsoft Teams, Slack, Zoom and more, many have put DLP tools into place to protect against data loss. Many businesses have also adopted compliance solutions to adhere to record-keeping and supervision regulations. In most cases, however, these programs operate within separate organisational silos.
If this describes your organisation, you may want to rethink this siloed approach. Bringing information protection and compliance tools and programs together can enhance both your security and compliance posture. This blog will outline why these information protection programs go hand in hand with two stories outlined recently by Proofpoint resident CISO, John Checco.
Looking back to get the full picture of a threat
The first story involves a firm tracking an insider threat. A bandwidth anomaly on one of its kiosks—a workstation that didn’t require a login—with the first sign of an issue. Security investigators soon discovered that a long-term employee was exfiltrating a large amount of data through the kiosk.
The investigators accessed the company’s information archive as part of their review. Retained communications content helped them determine when the exfiltration had started and assess the extent of their exposure. For many organisations, though, security investigations don’t include archived communications and are limited to the “trigger point” forward. This limits visibility.
The bottom line? Take advantage of retained content and compliance tools to look back and understand the full extent of a risk or threat. This “look back” approach will help you:
- Identify the root cause and true beginning of the issue
- Reveal other employees involved
- Find other previously undetected events
To get this complete picture, you need to ensure you’re capturing content across all sources, not just email. Many legacy archives assume a world where email is the primary communication channel for business. To adapt, you need a way to identify potential information loss and a way to capture, retain and monitor the communications content created on those channels.
Assessing security and compliance risk holistically
The second story features a financial services firm that had built its own trading platform. The firm had both a trading division and a development division. Compliance operated smoothly on the trading side. Regulated users in the trading division routinely registered for pre-trade clearance and adhered to compliance rules and regulations. On the development side, the trading platform was assessed and protected from security risks.
However, it turned out that significant compliance risk existed in the development division. Developers used copies of production data as they built and tested the trading platform. And some were taking advantage of what they saw in that data to make trades of their own.
This behaviour exposed the firm to compliance risk. An integrated security and compliance program may have brought the compliance risks in the developers’ approach to light sooner. Developers could have switched to using test data or registered for pre-trade compliance clearing.
The bottom line? Security, privacy and compliance are all related and should be considered holistically. If you focus solely on security issues or compliance issues, you will miss other types of risks that could negatively impact your business.
How Proofpoint can help
Proofpoint specialises in people-centric security and compliance solutions and can support collaborative compliance and information security. Our solutions protect you across multiple channels with leading products such as Enterprise Archive, Content Capture, Insider Threat Management, Email DLP, Cloud App Security Broker and Endpoint DLP. Our approach provides industry-leading insights into people risk devoid of organisational boundaries.
Learn more here.