Home CYBER SECURITY Why File-Centric Security Is Non-Negotiable For Distributed Work

Why File-Centric Security Is Non-Negotiable For Distributed Work

Distributed work (also known as remote work) is the future. It always has been. Although the coronavirus pandemic has forced many of us to adopt telecommuting sooner than we would have liked, it’s a transformation that was always going to happen, one way or another.

It’s also a transformation that isn’t without risks.

Given how many employees are now consistently working from home and how many will likely continue to do so even after the pandemic ends, the traditional “walled fortress” approach to cybersecurity is no longer sufficient. Files containing sensitive and critical data are now being shared and accessed freely from outside the firewall.

And they should be. If you attempt to address this widespread collaboration via more draconian access restrictions, you’re only going to damage employee productivity. Instead, you need to adopt a decentralized security framework, one which focuses on protecting assets wherever they wind up.

Here are a few tips to get you started in that regard.

Automate Provisioning And De-Provisioning

Automated user provisioning is an easy way to save time while still maintaining general file security. Rather than having to manually set up access and audit individual accounts or user groups, automated provisioning allows you to quickly extend the necessary permissions to someone based on a set of preconfigured profiles or conditions. Automated de-provisioning, meanwhile, allows you to quickly rescind permissions from people who no longer require them.

This might be a client who’s chosen to work with a competitor, for instance, or someone who has since left your organization. By automatically removing access and accounts, you significantly reduce the risk of a data breach.

Regularly Audit Accounts, Activity Logs, And Access Permissions

Your cloud stack can be configured to only allow specified repositories or cloud products to contain sensitive information. By arranging vulnerable data into silos, this allows you to more efficiently manage the scope of access. You’ll want to look into a collaboration tool that allows granular access controls, file permissions, and user group management. Provided you’ve deployed such software, the process for access configuration should be relatively straightforward.

Admittedly, however, it can be easy to lose track of clearance levels for each individual user. For that reason, it’s imperative that you periodically audit the list of individuals with file access permissions and remove authorization from anyone who no longer requires it. I’d strongly recommend doing this even if you’re using a tool with timed file access, as there is always the possibility of operator error.

This extends to your activity logs, as well. Not only can you troubleshoot performance issues, regularly reviewing access requests and file activity can help you detect and trace potential leaks or breaches before they become a significant problem. Knowing what’s being accessed and by whom is critical if you are to keep your assets secure.

Finally, I’d advise speaking to representatives from each department within your organization so you can gain a better understanding of what assets they require and how they use them. Someone working in sales, for instance, likely doesn’t need editing permissions for a pitch deck, but someone working in marketing does. This understanding will not only allow you to configure your platform to better meet employee needs, but also provide a clearer picture of potential threats and risks.

Configure Login Requirements And Educate Staff

You do not hold sole responsibility for protecting your business’s information. It’s a responsibility shared by everyone. That’s why it’s critical that you frequently educate your team and communicate to them both processes and policies along with their rationale. As a starting point, all content, including private customer information, should be treated as restricted data.

It’s advisable to incorporate password policies, including expiration dates and strength requirements. Employees should be trained to use strong, unique passwords, and ideally provided with a password manager for critical accounts. I’d also recommend enabling two-step verification wherever authentication is required.

Use A Single-Sign-On (SSO) System

SSO is an excellent option for managing account access. It creates a consistent login experience for your users, ensuring they don’t need to remember a range of different credentials. They need only log in once to gain access to all the necessary assets and resources, including your content collaboration system.

In this way, SSO automates much of the security setup that you’d otherwise have to manually manage, providing lateral access between cloud users and cloud tools. This enables more centralized management of passwords and authentication, just-in-time provisioning, and automatic lockout. It can also help reduce the security risks posed by high login numbers and cloud applications in daily operations.

In Closing

Currently, security leaders do well enough when it comes to protecting stored material and in-transit data. However, particularly in an era of distributed work, they need to do more. They need to protect data once it leaves the firewall, controlling both access and editing permissions for critical documents.

Without this file-centric approach to security, your distributed workplace will, for all intents and purposes, not be fully secure.

Tim Mullahy
Tim Mullahy is the Executive Vice President and Managing Director at Liberty Center One, a new breed of data center located in Royal Oak, MI. Tim has a demonstrated history of working in the information technology and services industry.


Mastering The Art Of Instagram Success: A Guide For Restaurant Owners

Hey there, fellow restaurant owners! Today, let's dive into the world of Instagram success and how we can master the art of it. Trust...

Navigating The Fundamentals Of Address APIs

Overview Navigating the intricate world of address APIs can be daunting for business leaders, especially when the stakes involve the precision of crucial data. As...

The Ultimate Guide: Effortlessly Convert PDF To Word With Smallpdf

Introduction to PDF and Word Formats Welcome to the ultimate guide on effortlessly converting PDF to Word Converter If you've ever found yourself in a...

Empowerment Of Minds Through Cyber Security Education At Trendzguruji.me Cyber

There's no doubt that in a digital age, cyber security is consummated. Technology is growing and becoming more sophisticated every day, while along comes...

The Real Use Cases Of Introducing Blockchains In The Business Landscape

The Ethereum blockchain has become synonymous with innovation and development in the digital finance environment. Since its launch, it has become widely recognized for...

Soft Skills: What They Are And How To Include Them In Your Curriculum Vitae

Have you recently finished your studies and want to start entering the world of work? Or have you already gained some experience and want...