October 1st 2013
Provisioning and deprovisioning access to confidential corporate resources is one of the biggest information protection challenges in today's business world. While this is partially due to the emergence of mobility and the use of more computing endpoints than ever before, it is also affected by regular occurrences that happen in the workplace: People will eventually leave an organization.
The natural progression of the business world is founded upon the human variable, as individuals will inevitably stop working for a company. While this could happen from an employee termination or from a person simply moving on to a new place of work, companies need to be prepared. A Network World report highlighted how deprovisioning access to applications is one of the most important steps in this data protection process, though it is often overlooked by executives. This is because decision-makers often get tunnel vision and focus on eliminating access to the network, not necessarily software.
In the article, risk assurance expert Joe DiVito of PricewaterhouseCoopers noted that firms often encounter problems when defining user provision controls.
"The organization needs to have an accurate accounting of the access assigned to an employee," DiVito told Network World. "Determine who owns the authorization and ongoing access to that data and ensure that you communicate amongst the parties when access needs to be modified or revoked. Often times the solution to managing risk requires nothing more sophisticated than improved communication."
In addition to ensuring everyone is on the same page regarding data protection policies, companies should also consider embracing the power to scrub devices, Network World noted. This has become increasingly important in today's highly mobile landscape.
DiVito told the news source that decision-makers must first know what resources are physically housed within certain endpoints and understand the steps needed to wipe those devices clean.
Leaving endpoints spick and span
In most cases, organizations base their security strategies off verbal agreements when individuals swear they won't take any data with them when they leave the company. Unfortunately, some of these guarantees go out the window when the departure is sour, which is sometimes the case when an individual is unexpectedly terminated.
Rather than sticking to their guns and simply hoping for the best, executives should take matters into their own hands by working with managed security service providers that are knowledgeable with remote destruction. By working with a trusted partner, decision-makers can find innovative ways to automatically back up sensitive information stored within notebooks and other endpoints to eliminate a rogue employee's ability to access those resources.
Managed security service providers can also help companies implement tools to remotely freeze devices in the field, ensuring that malicious individuals cannot misuse confidential data when they are outside of the workplace.
As endpoints continue to proliferate throughout the business world, decision-makers need to be prepared for how those platforms have the potential to give unauthorized users access to sensitive resources. By planning ahead and working with a trusted security provider, executives may be able to ensure ex-employees do not maintain the ability to use solutions that should no longer available to them.
Articles from Larry Keating's (CEO, NPC) guest blog on the Huffington Post Business pages