How To Do Enterprise Security like Bond…James Bond
May 17, 2016 No CommentsFeatured article by Vishal Gupta, CEO, Seclore
In the era of crippling state-sponsored hacks, cybercrime rings and data breaches, businesses are looking at all forms of preventative measures to keep attackers at bay. Even a modern-day James Bond would find it challenging to keep his data, and identity, a secret in the Information Age. And unlike in the famous films, the real-life ‘villains’ capable of stealing trade secrets, personal information and other forms of sensitive data are oftentimes anonymous and numerous. Reports estimated more than 317 million new pieces of malware were created within 2015 alone. Imagine what they can do today!
As hackers grow more sophisticated, creative, and well, more villain like, companies should ask themselves: ‘What would James Bond do?’
Take advantage of ‘self-destruct’ mode
In the classic spy movie franchise, Bond knew that the key to top-secret communication required a few extra precautions. Today, Bond would have several means of communication at his disposal but also, plenty of malicious actors threatening to compromise his data. Work email, for instance, is still the most preferred method of communication in the workplace, offering plenty of opportunities for cybercriminals to steal sensitive information. A modern-day Bond wouldn’t send emails and attachments without securing the text and files, and neither should business professionals. Bond would also avoid sharing sensitive documents using file sharing services, knowing that once the information was downloaded, it could end up in the wrong hands.
Unfortunately, there are still many organizations who think of email and file sharing services as a safe mechanism for sharing sensitive information. While IT managers can enforce policies that limit this risk, the facts are that once a document has been shared and downloaded, the sender has lost control over who gets it, how it can be used, and where it can be forwarded. There is also the ‘accidental’ mishap where a well-meaning employee sends a sensitive file to the wrong recipient – say company financials that accidently arrives in the outsource partner’s inbox.
To ensure email communications and file sharing are safe no matter what, businesses should secure data down to the document level, using Enterprise Digital Rights Management (EDRM) solutions that persistently ‘lock’ down sensitive data wherever it travels. With EDRM, businesses can control exactly who can receive a file, what they can do with the file (even stopping screen sharing), from which device, and for how long; just the sort of high-tech that a Bond agent will love. The added benefit of remote access management means even if the email lands in the wrong hands (sorry outsource partner!) our inner Bond can hit ‘self-destruct’, preventing evil eyes from looking at sensitive information.
Beware of too-good-to-be-true security measures
Over the years, 007 proved that being a great spy requires the right car, right watch and yes, even the right mobile device. The 1997 film Tomorrow Never Dies shows Bond picking locks and scanning fingerprints from an Ericsson cell phone. Fast forward to 2013 when Apple introduced Touch ID to the iPhone 5s line, the company boasted the feature’s convenient functionality, ease of use and greater security measures. But experts aren’t convinced this is enough, much less businesses. In fact, fingerprint authentication may give hackers another entry way into corporate devices, even if it’s cumbersome to do so. Fast Company recently examined this vulnerability, noting that most phones with fingerprint scanners still enable users to access the device’s camera functionality whether or not it’s locked. And since the majority of apps require full access to a user’s camera, hackers can easily bypass the device’s fingerprint security measures and install malicious malware via other apps, or take control of a camera’s functionality. Fingerprint authentication or not, there’s a way around it!
James Bond was a clever techie, sure, but he would never put convenience in front of security, no matter how good it sounds. Businesses should follow in his footsteps. The latest generation of EDRM solutions automate protection of files by integrating seamlessly with existing content management, file sharing and data loss prevention systems. Recipients can also easily engage in the secure collaboration with the ability to access protected files through their browser. By making it easy to protect data at the document-level, as noted above, businesses need not worry about a lost or stolen corporate device and they can stop ransomware attacks as a bonus. Knowing Bond, he’d likely have a self-destructive phone as well. Just in case.
Watch your step, sneaky villain ahead!
James Bond may be every wannabe spy’s hero, but let’s not forget the films’ equally cunning villains. The notorious Goldfinger, for example, is best known for his evil dialogue and farfetched take-over-the-world scheme. But today, his evil plot is child’s play in comparison to what cybercriminals can do. In early March, for example, email scam artists tricked a Seagate Technology employee into giving away confidential tax information on nearly 10,000 former and current employees. Talk about an evil plot! Not only did it create chaos at Seagate, but it also proved that the simplest schemes like an email scam, can still put businesses at risk. While EDRM solutions are often thought to control information in-transit during external collaboration, persistent file-centric security is an ideal solution for protecting information at rest and at work.
Unlike the glamorous life of James Bond, cybersecurity is not all martinis and tuxedos. Protecting the enterprise requires a thoughtful approach to security, a knowledgeable staff and staying one step ahead of malicious hackers. Learning how to channel our inner James Bond, however, is key to a business’ success and longevity. Take it from the man with the most successful Hollywood franchise of all time. Secure collaboration, both across and outside the enterprise, requires a persistent, data-centric security solution, and once in a while, a great martini.
Featured article by Vishal Gupta, CEO, Seclore
Vishal comes with more than a decade of experience in sales, marketing and business management. He is the Founder and CEO of Seclore and handles corporate development, investor relations and strategic vision.