A couple of weeks ago, I wrote about Datacastle CEO Ron Faith, who spoke about the critical nature of properly conducting exit interviews to help prevent sensitive data from walking out the door with an employee who leaves the company. Here, I want to back up a bit, and share Faith’s insights on how companies can work to avoid that outcome long before the employee leaves.
I opened this portion of the conversation by asking Faith to what extent having employees walk out the door with sensitive company data is a preventable problem. He said it’s not completely preventable, but you can mitigate the risk around it.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
“You can create greater friction for the employee so that you can reduce the amount of exposure, or the likelihood of it happening,” he said. He noted two dimensions to the problem.
“One is in the area of data loss; the other is in the area of a data breach,” he said. “There are some things you can do on the analytics and smart data discovery side to help predict or get ahead of some of these things.”
In the area of data loss, Faith said the BYOD phenomenon has exacerbated the problem of what he called “dark data” — companies don’t know what’s on those devices, and they don’t know what information they’re losing when the employee leaves.
“It’s very important that they perform a continuous backup of all those endpoints, whether it’s a laptop or smartphone or what have you, so that when the employee leaves, you haven’t lost the asset,” Faith said. “That needs to happen not only on the endpoints, but on what I think of as virtual endpoints, as well, which are the enterprise file sync and share repositories, like Dropbox or Box.”
On the data breach side, Faith said, procedures need to be in place in terms of notifying employees when they leave what the rules are.
“It’s also important to have the ability to remotely wipe the data, either by command by IT, or by poison pill,” he said. “And then the other thing on data breach is that lots of enterprises now have multiple SaaS applications. And where there’s access to data, there are often different logins, and different departments buying different applications. So having a single sign-on, and being able to revoke privileges quickly, is pretty important.”
Faith also discussed the forensics of determining the source of a data breach.
“On the investigatory side, this is where things like analytics capabilities come in,” he said. “What we [at Datacastle] do is we take every document and break it up into a bunch of little blocks, and then encrypt every block with its own key and give every block its own signature. We can then identify where across your organization that block first existed, how it propagated through your organization, and who had it at the time in question. So if you’re investigating where the leak came from, or where the points of exposure were, you’d have the ability to determine that within minutes.”
Faith noted that it’s important to have the ability to conduct such an investigation without creating a “toxic” environment in the company.
“Depending on where the content was located internally, and who had access to it, a traditional investigation can wind up being very disruptive, and very toxic, to the organization,” he said. “So being able to conduct an investigation without necessarily tipping anybody off that the investigation’s going on, and without having to take workstations and laptops offline in order to perform the forensics, can avoid a situation that ends up being problematic.”
“With the capabilities that [the Datacastle product] provides, you’ve backed up all the endpoints, and you have the analytics capability to conduct the investigation without letting anybody know that it’s even going on,” Faith said. “You’re able to prevent that lack of trust.”
A contributing writer on IT management and career topics with IT Business Edge since 2009, Don Tennant began his technology journalism career in 1990 in Hong Kong, where he served as editor of the Hong Kong edition of Computerworld. After returning to the U.S. in 2000, he became Editor in Chief of the U.S. edition of Computerworld, and later assumed the editorial directorship of Computerworld and InfoWorld. Don was presented with the 2007 Timothy White Award for Editorial Integrity by American Business Media, and he is a recipient of the Jesse H. Neal National Business Journalism Award for editorial excellence in news coverage. Follow him on Twitter @dontennant.