Unstructured data is data, which is stored in a format that may present a challenge for auditing operations. Structured data usually comes in the form of a database, whereas unstructured data includes Word documents, PDFs, photos, videos etc. It’s often the case where such data is stored in a shared location. In order to prevent information leaks, it is critical to ensure that such data, along with those who have access to that data, can be identified quickly and effectively.
There are times when a company narrowly loses a bid to a competitor – who appear to be offering a strikingly similar product. Or times when a company’s trade secrets are patented by a competitor. Coincidence or not, information tends to leak. And data leaks in a variety of forms; from product designs to customer information – including credit-card details. Likewise, it’s sometimes the case where leaked information is used to damage the reputation of a company. There have even been cases where such information is used for bribery and extortion. Of course, data is not always leaked due to malicious intent; regardless, it’s not surprising that companies feel unnerved about having unstructured data scattered about their system.
Securing unstructured data, however, is not an easy task. Naturally, the first steps in securing unstructured data is to identify which company assets are the most sensitive at a given point in time. For example, once a proposal has been made, the information is less sensitive than it was before the proposal was made. By associating a time frame with a specific piece of information, policies can be temporarily put in place to secure this information. Likewise, it’s also very important to identify which employees have access to such data, and you may want to design a specific training program for the staff members involved.
It may also be worth examining any potential conflicts-of-interest associated with your employees, especially if they will be given access to critical data. Do they have any friends or relatives who are associated with any of your competitors? Are they an ex-employee of a competitor? Are they linked to any previous suspicious activities within the company? It may be wise to identify the devices associated with the employees who have access to the critical data and encrypt communication channels between those devices. And maybe think about using DLP (Data in motion) monitoring for information that traverses between suspected employees.
Feel free to share on social networks. Find the buttons below this post. Remember, information/knowledge is never enough. Let us spread the word!
Follow my blog for more insightful articles: http://temitopeadelekan.com
LinkedIn connect: Temitope Adelekan
This is article is written by Ajit Singh
Brought to you by Lepide Software
Edited by Temitope Adelekan