Do you store your financial records at an accounting firm? Do you store blueprints with a patent lawyer? Maybe you're a startup being funded by a venture capitalist—or your company is involved with mergers and acquisitions. The list goes on and on, but the point we're making is that there are a lot of reasons why your company might be sharing data with other businesses—but are you securely sharing those extremely sensitive information?
When it comes to data leakage, it doesn't really make a difference whether your business is B2B or B2C—customer communications is still risky business. Selling business-to-business often involves exposing sensitive parts of the enterprise—giving your business customers access to online payment portals, shared drives, and sensitive information like bank account numbers.
If you handle credit cards, you may already be in breach of PCI. If you handle medical records, you may already be in breach of HIPAA. The reason? Uncontrolled data exchange.
In our previous blog we spoke about how to extend cloud data protection to storage that was hosted off-premise. Storage is one of the primary applications for cloud storage. It’s easy for individuals to sign up for without detection or permission from system administrators, and thus it’s easy for end users to abuse cloud storage in turn, either unknowingly or on purpose.
Have you ever been asked to exchange a private document with your mortgage banker, realtor, accountant or doctor? Most are going to answer this question with a resounding, yes. Have you ever stopped to think if the content of that email message or its attachments were secure or not?
Imagine receiving an urgent phone call from one of your bank employees or contractors, apologizing for the fact that they just accidentally sent an email with a customer’s confidential account information to a random email address. Even worse, what if the phone call came from the random person who received and opened the email? Either way, both scenarios have very bad implications and pose a massive breach of privacy.