I’m the type of person that needs a catalyst in order to write something – a spark. A real world, practical problem that I can contribute towards a solution.
In the past few weeks, I have spoken to several small business owners or managers that are concerned about their data, customer list, or what impact a mischievous change can make to their service delivery. It has come up plenty of times over the years working in IT, being asked to investigate access to systems and data to try and understand who, what and where.
Have you ever had someone interview for a position bragging about being able to bring a client list with them?
The trouble with old school technology is – you can’t easily get that information. There are lots of third party applications that can overlay on servers and networks that will get that information, but its hugely expensive and costly to maintain. The worst part about working through this with clients is that its playing on a fear that something negative is happening within their business, taking away valuable time from what they want to be doing. Its not constructive at all and it never gives me any enjoyment to be working through this process with them.
However, with the advent of the cloud, many of these expensive and complex information and security management features are being baked in. They must. Microsoft has 120,000,000 active users on Office 365 currently, from companies with one account all the way up to tens of thousands. The Enterprise client requires much more sophisticated security and visibility on what is happening in their environment. These services are available to all small businesses also.
So, back to the problem. How do you know when someone is stealing information? Often the type of person that really wants to get this information will do what they need to. Take photos of a computer screen or documents, send emails to their personal account with company IP, or taking data on a USB key, etc.
There are methods to prevent this data loss, but the most critical aspect is that they are passive. They are invisible to the end user until its too late. Whether it be auditing that happens behind the scenes that they are not aware of, or data encryption that unlocks automatically every time they open the information (without them knowing).
If you put a road block in front of someone, they will find a way around it. If they don’t know the block is there, they aren’t able to engineer a workaround.
Information is power – that is why you want to protect your data.
Doing so passively allows you to collect data on what that person is doing so you get a true understanding of what is happening.
Most business owners and managers would identify with the web browsing conundrum – do you block Social Media sites on the business network, or allow it and monitor who is stealing time? If you block, they will probably just use their smartphone!