In today’s world, it is very important to protect our data. Every day we can read some news over stolen information from companies. If we start the discussion about this topic, then in the first moment I hear things like: “We don’t have such problems, because we have a great virus scan, firewall and our proxy servers are blocking DropBox and other cloud storage providers.” But after a short while they start telling us some problems in their solution, like the mobile users can upload the documents in the guest WIFI or at home, because there is no proxy server there. Or the users are sending the files to their private mail account and share it from their home computer. The big problem is, that the data is moving around between their protected and external unprotected systems. They also agree, that they have no system to detect if an attacker is already in their network and is stealing data. Until now, their where only focused in protecting their systems and not their user identities and business data.
This means, that the old tools to secure the infrastructure with clear boundaries are no longer the only way to go and have to be extended with new security solutions. In this picture, you will see the situation like it is in many companies:
The security officer and the IT personal is aware of these problems but don’t know, how to respond to these new cyber threats’.
Start protecting your Environment
Now your question will be, how can I change this situation?
- Detect if an attacker is in your network
Start using Microsoft ATA. This is completely an on-premise product. My fellow Mirko has created a good video, which explains the usage of ATA.
Protecting your data
Microsoft has created a framework, which will help you to improve this situation easily. An immense help is Azure Information protection, which can encrypt data on a per file basis. With this technology, the file will be protected in every location. Even better, you can also revoke the access to it, limit the permissions like printing or specify the people, which have access to it. In my next Blog post, I will show you how you start the journey to stop data theft. A normal implementation will follow these steps: