1. Define dynamic policies for file sharing
Most federal security policies take a binary approach to file sharing, restricting some types of sharing while allowing others. Some of the more stringent rules are generally applied to cloud services.
While this is understandable given the uncertainties surrounding some of these services, the fact remains that many cloud applications are easier and faster to use than traditional methods of communication, such as email.
Instead, agencies should consider implementing data loss prevention policies. With DLP, the focus is on protecting against in-flight data loss, not stopping transfers altogether. The risk is dynamically assessed based on a unique predefined policy that assigns specific actions based on the file service used.
For example, files sent via OneDrive can be analyzed according to criteria different from those of shared files Box Where Google drive. Meanwhile, internal file sharing may be scanned differently from files shared externally. The scan may show that a particular file needs to be blocked, but this does not prevent sharing of other files on the same service or on different services. The balance between productivity and safety is maintained.
DIVE MORE DEEP: Find out what document management systems are and how they can help your agency.
2. Expose and control the use of unauthorized cloud services
Of course, that doesn’t mean that users should be allowed to take advantage of any cloud service they prefer. Even when working remotely and with their own devices, employees should adhere to the use of well-enforced cloud services, deemed secure and provided by the agency. Unfortunately the the use of unauthorized cloud services and third-party file sharing has increased in today’s remote working environment.
More than ever, IT managers need to gain visibility into the applications employees use to share files across networks. Unauthorized cloud applications should be identified and potentially blocked and removed.
If managers discover that a large number of employees are using the same unauthorized applications, they should view it as a chance to assess whether their authorized applications are still contributing to employee productivity. In all cases, security policies must be applied to all applications, even those deemed appropriate, to ensure the security of file transfers.
MORE FROM FEDTECH: How can agencies keep shared document data secure when users leave?
3. Calculate the risk based on user behavior
The combination of DLP and application visibility with employee behavioral analysis forms a powerful defensive position. Behavioral analysis – the monitoring of risk based on typical employee behavior patterns – can help agencies identify and address the real red flags of file sharing without sacrificing the productivity of the entire organization.
Most employee activities tend to be low risk. Even if they use cloud services to share information, their actions generally pose very little threat to the agency.
However, when an anomalous pattern emerges, security officials can take immediate action and target the employee’s account in question without forcing a widespread shutdown that affects others.
LEARN MORE: How can your agency best support hybrid work environments?
4. Implement a zero trust architecture
A zero trust approach should be implemented to further strengthen the agency’s security base and mitigate the potential for exposure. Trust in users should never be implied; on the contrary, whenever a user attempts to access or share information, that user must be verified. Only users who need to access certain information should be allowed to access it.
This approach should apply to everyone in the agency, but it is especially important for those who work with very sensitive information or who have shown signs of risky behavior.
A person with a secret permission level, for example, clearly poses a greater risk than a person with a confidential permission level. The former has a higher risk profile and therefore should be the subject of further consideration.
Likewise, a person who regularly exhibits potentially risky actions (regularly uploading personal files to a cloud drive, for example) also requires careful consideration.
However, every employee should be seen as a potential vector for data leakage. Combining zero trust with behavioral analytics can help agencies determine which employees are most likely to introduce risk – allowing agencies to focus their efforts on those users – while still continuing to analyze the rest of the business. ‘organization.
TO EXPLORE: Find out how zero trust is gaining ground in the military.
5. Take an agile approach to file sharing security
It is clear that hybrid and remote work is here to stay, at least to some extent, and the use of cloud services will only accelerate.
The DOD IG report said 68% of employees surveyed want to work from home for more flexible working hours, better work-life balance and reduced commute times. Agencies must do what they can to balance the productivity desires of employees anywhere with the ever-present security challenges.
Taking a non-static, focused, and agile approach to security can help agencies meet employee needs while protecting their data.