Data and information are the new gold. Protecting it from unauthorised access or loss is becoming increasingly important; IT security is now business-critical. The amount of data we handle today also makes it difficult to keep track of what is sensitive data, public data and who has access to each.
How many Hollywood movies are about access to data? For the sake of suspense, our hero often has to protect a location or a physical memory. The number of USB sticks and hard drives gone astray in both movies and real life is countless. At the same time, much of corporate data resides in the cloud where hackers don't have to crawl through ventilation systems to get to server rooms. Data in the cloud is theoretically accessible wherever you are if it's not protected.
Rikard Burman works with security issues at AddPro. He has helped many people take charge of their security in order to work efficiently and securely in the cloud. He has six tips and a small warning for all companies that want to protect their data from unauthorized people and ensure that no information is lost by mistake.
1: Tagging documents
Microsoft 365 EMS has a data security tool called Azure Information Protection (AIP) that allows you to tag documents. This can include tags such as confidential, internal and public. When a document is saved, the author has the option to tag the document based on the sensitivity of the content. In higher versions of AIP, tagging can be automatic if the document contains a given keyword. For example, a document containing the word "annual report" can be automatically tagged as confidential. The tagging is then the basis for permissions, i.e. who can open, edit and print a document.
2: Permissions to files and folders
The permission is naturally linked to the user. Many companies have already started using Teams and SharePoint for their collaboration. It is easy to set up permissions in who sees what in each system, but it is also possible to protect files saved in different folder structures. This means that files saved in the management team's SharePoint can only be accessed by the management team. If an unauthorised person tries to open a protected document, the attempt is logged and it is also possible to set an alarm when this happens.
3: Shared documents are protected
Whether it's files on a USB stick being handed over or attached to an email, many documents that would do great harm in the wrong hands sometimes need to be shared. An email with an attached file can go astray or the wrong file is attached at an inattentive moment. With proper tagging of documents, data security is increased as only authorized people can open them.
4: With autospar nothing is lost
Autosave is the first step to ensure that no information is lost. By working against OneDrive, all changes are automatically saved for the document you are working on. If there are several of you working on the same document, there is no risk of you saving over each other's changes, autospar solves this automatically. Open a document you've been working on and you'll be guided to the piece you last edited using smart features.
If you are several people working on the same document, there is no risk of you saving over each other's changes, autospar solves it automatically. Open a document you've been working on and you'll be guided back to the piece you last edited using smart features.
5: No more conflict copies
There are also tools in SharePoint and thus indirectly in Teams for version history. With a few simple keystrokes, a document's versions can be tracked. By using a collaborative platform such as Teams, several people can work on the same document at the same time without versions or conflicting copies. It also saves time as the collation of information, such as a report, is done in real time. By going back in history, you can see who did what and when and restore older versions.
6: Check out a document and take control
Sometimes situations arise where you want to have full control over a shared document. No one else should be able to edit or add until you have made your changes. Maybe you're flying to a client and want to work on the trip? Check your document out of SharePoint and no one else can edit it until you've checked it back in.
Data is only valuable if it is current and up to date. Finding procedures and digital tools for secure information management is critical for many companies today.
Shadow IT threatens data security
If it becomes too cumbersome to layer on security without considering usability, shadow IT will most likely emerge and threaten data security. Shadow IT means that workgroups will find ways to collaborate beyond the control of the IT department. This can include chat, cloud storage services and entire collaboration platforms that are not managed by the company's IT department. By offering effective tools that make work easier and more efficient, companies can counter shadow IT and the security risk it poses.
- An authorisation can be revoked while a document in error is forever insecure," concludes Rikard.