Do You Know Where Your Data Is? Out-of-Sight Data and Your Remote Workforce
Do you have employees working from home? Congratulations! You’re now a multi-location business!
As a multi-location business, your IT network is a lot more complex than it used to be when everyone was working under the same roof. You have more to think about in terms of security and productivity, which includes making sure that your data is 100% visible to IT.
If your data isn’t visible, what is it? Invisible? Let’s call it out-of-sight.
Before we talk about how this happens, let’s explore why you should be concerned about out-of-sight data.
Troubles With Out-of-Sight Data
Have you ever wanted a fence around your backyard? Maybe you don’t want the neighbors to see everything you’re doing. If you have small children or pets, a fence will keep them safe from hazards and contained in an area where you can monitor what’s going on. A fence will also keep what’s on the inside safe from what’s on the outside by discouraging uninvited visitors.
Putting boundaries around your data works in a similar way and not having those boundaries increases your overall business risk.
When IT can’t see your data, you increase the risk that:
- Cybercriminals will be able to access it.
- Unwanted eyes will see it.
- It will be changed or corrupted.
- It won’t be there when you need it.
How Does Your Data Get Out-of-Sight?
1. Personal Devices Used for Work
As you scrambled through your first few weeks of getting everyone set up to work remotely, you might have had to go with some options that were less than optimal. For example, you may have had to let your employees use their personal computers for work. You could have data on these devices right now because files are getting saved to the local hard drive on each person’s computer.
When employees use company-managed devices you can do more to assure that data is saved where you want it to be saved. IT can set up rules that will limit data saving options to only those places that are managed by IT.
RECOMMENDATION: Equip employees with company-managed devices so that you can create technical boundaries (or rules) that will prevent them from saving files anywhere but your company server.
2. Insufficient Access to Server
Whether they are using company-managed or personal devices, another reason why employees may be saving to their local devices is because they can’t access your server. Your server, however, may not be the problem. The bottleneck could be the internet bandwidth going to your physical server.
Think of it this way – when everyone (or almost everyone) was working in the office, they used your internal network, not the internet, to get to the files and software they needed. When everyone is attempting to get to your server from multiple locations, they’re now crowding your bandwidth pipe and that pipe has a finite amount of flow.
RECOMMENDATION: Consider moving your server to the cloud. When the access path goes directly from the user to their files and apps is in the cloud, you don’t have to worry about bandwidth constraints. Bandwidth may become an issue again when employees return to the office and the traffic pattern reverses.
3. Insufficient Collaboration Tools
The sharing of files for collaboration is commonplace and needed whether it’s internal to your team, or external to customers and vendors. Unless you provide a way to share files, your people are going to find their own workaround using services like Dropbox and Google Drive.
Not only do these workarounds take your data out of IT visibility where it can’t be managed or backed up, they can create more steps in operations and cause friction with customers who are expecting a better digital experience.
RECOMMENDATION: Provide your workforce with a collaboration and communication platform like Microsoft Teams. Workers will be happy that you’re equipping them with a tool where they can not only keep your data inside your network, they can make Teams their go-to console for managing their communications according to projects, customers or whatever topics make sense for their workload.
4. Ineffective and Unenforced Policies
Effective cyber security includes both technical and non-technical layers, and within the non-technical layers are security policies. These policies spell out the acceptable ways that employees can access data and provide guidelines for situations that they might encounter such as requests from vendors to access your network, or what to do when offboarding an employee.
Security policies also give employees instructions on what to do in the event of a data breach, and helps people better understand their role in maintaining security.
RECOMMENDATION: Make sure that you have a section in your policies that address remote work situations. Make your policies stick with training and enforcement.
Do You Know Where Your Data Is?
You had options when you set up your employees to work from home and you may have had to make sacrifices in order to move fast. Now’s the time to take a step back and evaluate how your new multiple location network has either kept data in IT’s sight – or not.
Contact us for an IT assessment. We’ll help you uncover gaps that are increasing your risk, and compromising the security and productivity of your whole company.