The drastic changes we are experiencing would have been impossible to imagine just a year ago, a period when we started seeing the CEOs become more involved in the conversations about data security in the managerial meetings.

Now the new reality includes new questions and answers in the exchange with senior executives, who must be sure of their data security in times that are uncertain instead.

In this context, according to Tina Stewart, VP, Thales Global Market Strategy, business continuity depends on security and precise access control.

From Covid to the cloud

Before the crisis of the Covid-19, IT professionals operated mainly in two worlds: onpremises and clouds.

The colleagues they were supposed to support were generally also physically on site, which amplified the sense of apparent security.

But in a few weeks IT departments suddenly found themselves responsible for protecting sensitive data from living rooms and kitchens on unknown routers, wi-fi connections and various personal computers, making security even more difficult to guarantee.

The two IT worlds have now become one: the cloud.

It plays, as most activities are now being carried out in the cloud, cloud data protection is now the main concern.

The boards are deepening the theme and their involvement also thanks to the same risk and audit committees that ask managers to define the cyber security measures to address the pervasive challenges of distance work.

Data security: the three questions to ask now

And with the evolution of variety and severity of risks, for Tina Stewart there are three critical questions that must be asked now in the managerial meetings.

First question: are data protected with end-to-end encryption and effective key management?

According to the 2020 Thales Data Threat Report-European Edition, almost half of all business data is now stored in cloud environments and 43% of such data is considered sensitive. In addition, 100% of respondents say that at least some of their sensitive cloud data is not encrypted and only 54% of sensitive cloud data is protected from encryption.

The global situation is similar, with 48% of sensitive data already in the cloud. In our current panorama, encryption is really crucial to protecting data on the move and at rest. Assailants can intercept unencrypted data traveling on a network, with an impact not only on privacy, but with a new possibility to modify or replace data and stage more sophisticated attacks.

To truly protect data, especially in today’s multi-cloud environment, all data must be encrypted and the control on encryption keys must be strong and organized.

Second question: do you have control over who accesses your data?

Authentication and access management is extremely important now that more and more people work from home and use cloud applications that make them a target for cyber attacks. The report shows that cloud applications are among the three main reasons why an organisation could be attacked (55% from the Emea index) with other unprotected infrastructure such as IoT devices (57% in Europe and the Middle East, compared to 54% globally) and portals

It is also known that most IT leaders (95%) believe that ineffective cloud access management is still a concern for their organisation. Without effective access management tools, organisations are at a higher risk of breaches, lack of visibility and have to bear additional costs due to the unoptimized cloud.

Third question: can all compliance requirements be met and best practices maintained during a fast-changing crisis?

Between existing cyber threats and new security problems caused by increased smartworking, an increasingly complex regulatory environment brings additional risks to companies. As the European index has shown, 52% of organisations have been in breach or have not passed a compliance audit in the last year (a slightly higher percentage than 47% of the overall report), making the speech on encryption and access management more important than ever

Collaboration with an external data security provider can help companies with the scalability, flexibility and efficiency needed to meet the expanding encryption and compliance requirements, reducing costs and complexity.

Leave a Reply

Your email address will not be published.

You May Also Like