WWW.ILTANET.ORG 47
THREE FLAGS THAT SIGNAL
THREATS TO INTERNAL DATA
by Rama Kolappan of Commvault
Cyberattacks have significantly impacted the business landscape in recent years, forcing organizations of all sizes to
rethink security, compliance and governance strategies. While the focus of these incidents has been around external
attacks, the real possibility remains of an internal breach of information, which is just as crippling. Securing external
breach points is a top priority for IT managers but focusing on what's going on inside the four walls of an office is
often forgotten, even though these policies play an equally important role in holistically protecting data.
Keeping this reality in mind, below are three red flags organizations can watch for when evaluating threats to
internal information:
Use of manual processes to retain, hold or delete data: Securing documents is a top priority, and
applying automated policies to classify, organize, retain, delete or share information can help support
overall compliance and governance. Depending on manual or end-user driven methods increases risk.
Lack of coordinated governance: Although easy to set up and access across multiple devices, certain
consumer-grade file sync-and-share services, including Dropbox and Box, don't offer users enterprise-
level security, compliance and governance. IT is best suited to implement policies that either incorporate
or inhibit the use of these tools. No matter what choice is made, securing the data living in these
environments is the ultimate priority.
Access to information after an employee departs: Often, when rogue file-sharing services are used
by employees, they still have access to corporate data long after they have left the company. This could
create huge headaches for IT administrators as it threatens the confidentiality of personal and corporate
information.
Solely focusing on external threats to information will only get an IT team so far. Sometimes it's what's living right
under an organization's nose that can be the biggest threat to protecting internal data.
1
2
3