SecurityBrief New Zealand logo
Story image

Why consumer privacy is crucial in a remote work era

04 Mar 2021

Article by Bitglass CTO and co-founder Anurag Kahol.
 

The past year proved to be a time of dramatic change for companies and consumers worldwide, as the shift to remote work led to a surge in cloud usage as users, devices, apps and data were forced to move off-premises. In fact, 54% of organisations confirm that the pandemic accelerated the migration of workflows to cloud-based apps.

Most companies were unprepared as their technology, built solely for on-premises environments, was insufficient to protect the new cloud-based remote workforce.

Consequently, data breaches have become a regular occurrence, and consumers are increasingly discovering that their personal information is being gathered from these incidents and used without their consent.

Over the next year, we will see a permanent blend of in-office and remote work, and organisations must ensure that all their data remains secure.

Know where all that data lives

Companies can begin by keeping an accurate inventory of all data they control. By managing the data they have and where it goes, companies can maintain compliance with data privacy regulations while also protecting their customers’ privacy.

To address this issue, companies need to monitor all file, app, user and web activity with comprehensive activity logs to uncover the whereabouts of consumers’ data.

Ensure secure access

In addition to consistently tracking data, organisations must limit access to sensitive information and the storage systems that hold the information. This can serve as a challenge for organisations that leverage cloud technologies but do not use the proper technology to secure them.
Consequently, consumer data can be potentially accessed across numerous applications and on various devices.

To verify that users are genuinely who they say they are, organisations must enable single sign-on (SSO) and multi-factor authentication (MFA). These solutions can ensure all employees are authenticated before accessing sensitive information and create limits for who is accessing the data.
As more companies migrate to the cloud, it’s critically important that they have a clear understanding of data jurisdiction and the security challenges that may arise.

Data privacy regulations dictate that data can only be stored or moved when an agreement is in place or when the state has the authority to do so. To adhere to such regulations, companies must adopt security solutions that provide contextual-based access control, advanced threat protection and data loss prevention capabilities. 

For consolidated ease of use and cost-effective operations, organisations must utilise a comprehensive security platform that integrates all these capabilities into one offering. Only then can the modern enterprise ensure that all sensitive data is secure.