Q&A: Data security and decentralisation
Sridhar Iyengar, managing director at Zoho and ManageEngine Europe, offers a reassuring outlook on how to create modern workspaces that are adapted for modern risks
How has the role of data evolved in organisations over recent years?
In this digital-first world, increasing amounts of data are being produced, shared and destroyed every second. Technologies to analyse vast volumes of data have also evolved with the result that many organisations rely on data for meaningful insights and to take the right decisions.
While some organisations still have a centralised approach to data – where employees work in the office and access data through secure servers – more and more businesses are adopting a decentralised approach. Now, employees are working remotely, accessing data from their own unsecured devices.
What has been the impact of decentralisation and remote working?
The pandemic created an era of forced, rapid digital transformation instigating a necessary rise in remote working. According to Buffer’s 2022 State of Remote Work study, more than 95% of workers still want to work remotely at least for some time. But decentralising means businesses must democratise their data.
This requires easy access to data analytics which is driving decision-making, leading to increased data storage and management requirements. The key to success for modern businesses is unifying data access and data sharing across business functions. Using data to automate and integrate workflows is one of the core benefits of a digital-first world. But the great challenge for modern businesses is how they democratise their data without compromising its security.
What are the data security challenges in such an environment?
IT teams became the front runners in the world of business through digital transformation, overseeing cloud adoption, artificial intelligence, machine learning, remote collaboration, and a host of other digital services. Some 51% of IT decision-makers in the UK say that use of cloud solutions has increased for data-related purposes.
However, democratisation removes the middleman – the IT team - and simplifies access to data by employees. We call it Shadow IT. This also increases the potential for cyberattacks as the secure systems put in place by IT are bypassed by decentralised employees.
The “attack surface” increases as growing numbers of unsecured devices have access to the company’s data. This leads to a spike in data breaches, phishing attacks and Distributed Denial of Service attacks. By improving the ease of access, businesses make the data accessible to everyone - including the attackers.
IT teams must also comply with standards and regulations such as ISO, GDPR and CCPA without affecting the ease of work.
What technologies and processes should organisations put in place to achieve secure data democratisation, and how does this impact company culture?
In such an environment, implementing data protection policies is essential. That means the cybersecurity department must have visibility over the network, the infrastructure, the employee devices and event logs – and be able to monitor the traffic in and out of these endpoints. This allows the organisation to pick up on anomalies and unusual behaviour that indicate insider attacks and external cyberattacks. Typical processes include controlling access to data by both managed and unmanaged devices, securing endpoints and implementing multi-factor authentication.
However, a new ManageEngine study shows that while about 44% of decision-makers in the UK believe that security is the responsibility of IT and cybersecurity teams, 23% believe that it’s the employees’ responsibility too. Training IT teams and the wider workforce to recognise suspicious activity starts with creating a culture of security which prioritises employee confidence, consistency and performance.
How can organisations prepare for the future?
Businesses will be driven by data that is self-operating, transformational, and decentralised. 56% of decision-makers in the UK already believe that democratisation opens up more room for innovation. Companies will look for ways to create frictionless and secure data access. They will also need to develop a deep understanding of their data security challenges and invest in the right solutions.
Ultimately, companies should look for accreditation from the Cyber Essentials scheme, a Government-backed and industry-supported programme to help businesses protect themselves from cyberattacks and security breaches.
With steps such as these in place, businesses can face the data-driven future with confidence.
For more information please visit manageengine.co.uk
Promoted by ManageEngine