One of the top ways that data “leaks” out of an organization is through the endpoints (laptops, tablets, and smartphones) of departing users. IT should, of course, do what it can to prevent data leakage, but it also should make sure that the endpoint doesn’t have the only copy of data. Several recent surveys indicate that as much as 40% of the data on the endpoint is unique. It’s not backed up and there is no copy of that data on data center storage. The uniqueness of data means if a leak occurs the organization loses that data.
When an employee leaves (quits or get fired) the organization, especially if the organization has a Bring Your Own Device (BYOD) policy, the laptop and/or tablet is theirs, so they have every right to take the device with them but not the data it contains. Very few organizations have, as part of the exit policy, a procedure to make sure that organizational data on those devices is copied or moved from the laptop onto corporate file servers. Even if the organization does have such a policy, it is logistically tough to enforce.
The user, once they’ve left the organization, will either delete it, use the data in their new job or just let it sit on their laptop forever, leaving it susceptible to a future malware attack. All three of these potential outcomes put the organization at risk. An endpoint backup solution can ensure that the organization doesn’t lose its copy of data and may prevent the former employee from leaking that data.
IT needs to treat the protection of devices with the same level of priority as it does its applications. There is too much unique data to on endpoints to ignore them. Also, the points of resistance to endpoint backup are decreasing. There are endpoint backup solutions that are barely noticeable to the end-user while they are protecting the user’s device and they leverage the cloud instead of a complex VPN structure to store data.
Endpoint solutions can also help with data leakage. Many solutions have a remote wipe feature. If a laptop has been set to remote wipe, the next time it connects to the Internet it is wiped clean. The problem is, in a BYOD model, users have the right to keep their data and their programs. Some remote wipe programs have the intelligence to only wipe specific corporate data storage areas on the laptop. While not a perfect remedy, it does provide some data leak limitation.
Endpoint protection is a must-have for the modern organization. There is just too much data on endpoints that is not also in the data center. Also, the quality of endpoint protection solutions, both from the user’s point of view and IT’s has improved substantially in quality and capabilities. Endpoint protection not only enables users to get back to work fast if they lose their laptop or it breaks, but it also enables the organization to ensure that it has a copy of all sensitive data.
To learn more about endpoint protection sign up for our on demand webinar.