Knowing know who has access to it, how it is being used, and where their confidential data is going requires visibility into activity on the corporate network, including email, instant messaging, web mail, and FTP. It also requires monitoring endpoints--whether on or off the corporate network--for any confidential information that is downloaded to local drives, copied to USB or other removable devices, burned to a CD or DVD, copied or pasted, printed or faxed, transferred over email or instant messaging, and more.
Because many organizations must demonstrate compliance with external regulations, it is crucial that sensitive information is handled in a way that meets these statutes as well. For example, organizations classified as Payment Card Industry (PCI) merchants must know where credit card data is--whether on storage repositories or employee laptops--and ensure that this data is protected. They must also be able to generate reports that show exactly which systems have been scanned, what was found on these systems, and how sensitive information has been secured.
To ease administration, it is important to be able to define and enforce all policies for preventing data loss in a centralized location from which incident remediation and reporting can also be addressed. In addition, both content and context should be analyzed on an enterprise scale; this increases accuracy which, in turn, minimizes incident remediation activities and costs.
Savvy cybercriminals are also sizing up organizations with poorly managed systems, taking advantage of the inefficiencies of these infrastructures to access valuable data. To guard against this threat, organizations should take a closer look at their own systems management practices and processes to be sure their information assets remain protected.
A well-publicized data breach that occurred in 2009 sheds light on the relationship between systems management and system security. After copying a large amount of confidential information onto her laptop, a hospital employee left the laptop on her office desk, and then closed and locked the door behind her as she left her office. Later that evening, someone broke into the office and stole the laptop--along with the hundreds of protected health information (PHI) records it contained.
It is difficult to understand which systems require patches and which are up-to-date, so manual patching processes usually result in inefficiencies and errors. What's more, poor patch deployment processes can hamper the productivity of end users, while also forcing IT to devote more time responding to incidents than to proactively managing day-to-day procedures.