Protecting Against Departing Users

One of the top ways that data “leaks” out of an organization is through the endpoints (laptops, tablets, and smartphones) of departing users. IT should, of course, do what it can to prevent data leakage, but it also should make sure that the endpoint doesn’t have the only copy of data. Several recent surveys indicate that as much as 40% of the data on the endpoint is unique. It’s not backed up and there is no copy of that data on data center storage. The uniqueness of data means if a leak occurs the organization loses that data.

When an employee leaves (quits or get fired) the organization, especially if the organization has a Bring Your Own Device (BYOD) policy, the laptop and/or tablet is theirs, so they have every right to take the device with them but not the data it contains. Very few organizations have, as part of the exit policy, a procedure to make sure that organizational data on those devices is copied or moved from the laptop onto corporate file servers. Even if the organization does have such a policy, it is logistically tough to enforce.

The user, once they’ve left the organization, will either delete it, use the data in their new job or just let it sit on their laptop forever, leaving it susceptible to a future malware attack. All three of these potential outcomes put the organization at risk. An endpoint backup solution can ensure that the organization doesn’t lose its copy of data and may prevent the former employee from leaking that data.

IT needs to treat the protection of devices with the same level of priority as it does its applications. There is too much unique data to on endpoints to ignore them. Also, the points of resistance to endpoint backup are decreasing. There are endpoint backup solutions that are barely noticeable to the end-user while they are protecting the user’s device and they leverage the cloud instead of a complex VPN structure to store data.

Endpoint solutions can also help with data leakage. Many solutions have a remote wipe feature. If a laptop has been set to remote wipe, the next time it connects to the Internet it is wiped clean. The problem is, in a BYOD model, users have the right to keep their data and their programs. Some remote wipe programs have the intelligence to only wipe specific corporate data storage areas on the laptop. While not a perfect remedy, it does provide some data leak limitation.

StorageSwiss Take

Endpoint protection is a must-have for the modern organization. There is just too much data on endpoints that is not also in the data center. Also, the quality of endpoint protection solutions, both from the user’s point of view and IT’s has improved substantially in quality and capabilities. Endpoint protection not only enables users to get back to work fast if they lose their laptop or it breaks, but it also enables the organization to ensure that it has a copy of all sensitive data.

To learn more about endpoint protection sign up for our on demand webinar.

Sign up for our Newsletter. Get updates on our latest articles and webinars, plus EXCLUSIVE subscriber only content.

George Crump is the Chief Marketing Officer at VergeIO, the leader in Ultraconverged Infrastructure. Prior to VergeIO he was Chief Product Strategist at StorONE. Before assuming roles with innovative technology vendors, George spent almost 14 years as the founder and lead analyst at Storage Switzerland. In his spare time, he continues to write blogs on Storage Switzerland to educate IT professionals on all aspects of data center storage. He is the primary contributor to Storage Switzerland and is a heavily sought-after public speaker. With over 30 years of experience designing storage solutions for data centers across the US, he has seen the birth of such technologies as RAID, NAS, SAN, Virtualization, Cloud, and Enterprise Flash. Before founding Storage Switzerland, he was CTO at one of the nation's largest storage integrators, where he was in charge of technology testing, integration, and product selection.

Tagged with: , , , , , , , , ,
Posted in Blog

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 25,542 other subscribers
Blog Stats
%d bloggers like this: