Chaos, Ransomware, & Risk: How to Mitigate Cybersecurity Threats

By Mike Zawisza posted 09-01-2021 09:00


The increased adoption of virtual collaboration systems – like Microsoft Teams – due to the pandemic has created a new, hybrid workforce. While this massive switch has allowed organizations to operate during these unprecedented times, new threats have arisen. Cyberattacks – including ransomware – have increased by 62% over the last year. This has led the White House to declare the threat of cybercrime on-par with terrorism.

While cybercriminals and hackers have become the face of these attacks, human error is actually the largest risk factor leading to an attack. In fact, nearly 95% of organizations that experienced a cyberattack or data incident last year did so due to internal human error.

Organizations need to develop a data protection plan that not only helps them secure their data, but also eliminates human error surrounding their workspaces as well. Organizations can achieve this by implementing process-driven collaboration, protecting data with need-to-know security models, and minimizing unnecessary data.

Provision Projects Across Systems and Reduce Data Chaos 

When left to their own devices, users often save and store data within locations most convenient to them – such as their vulnerable personal drives. While this may seem innocent enough, it is actually a major cyber risk as users begin to create data chaos. This data chaos inhibits users from locating content in a timely fashion and can create immense difficulties when it comes to collaboration. Risk management teams also struggle to identify projects and documents, meaning they can’t apply proper security and/or minimization policies across systems.

An increase in data chaos can also lead to an increase in the amount of unnecessary data floating around a collaboration system. This means cybercriminals could steal and ransom data if they were to gain passwords and credentials of a user.

If a breach were to occur, a cybercriminal would be able to access these files without issue, copying and deleting files for as long as 280 days before being discovered. In that time, your organization will have lost millions of dollars’ worth of data, not to mention regulatory penalties and fines. For organizations that rely on multiple collaboration systems, data chaos can become exponentially worse – leading to even greater risks of cyberattacks.

To mitigate this, organizations should provision their workspaces and folders f, in order to organize their engagements, matters – whatever you may call it – across collaboration systems. When users know where to place data, they are less likely to save it in their local drives, reducing the risk that a hacker will get access to their content.

From there, organizations can add rich, custom metadata to projects or matters across systems. Adding and tracking such custom metadata allows users to quickly search and find their content, improving collaboration and productivity. This metadata also enables your risk management teams to understand business context of data and apply relevant security and minimization policies.

Regulate User Access Permissions

Another important notion regarding data protection is that users should not have free reign to access whatever data they want. In reality, users don’t need to have access to all the data in a given organization. Instead, organizations should operate on the basis of “least privilege” and establish a Zero-Trust security model.

Through this method, users start with the minimum level of access they need to complete their jobs. As the status of certain projects change — or when a user departs an organization or department users should have their access permissions removed. This practice isn’t only for when users leave a project or organization. Recent hires need to have permissions granted when they join an organization. Not only that, but your organization will also need to add users to an ongoing project over the course of its lifecycle.

Your risk management team can also utilize the metadata we discussed previously to determine when users need permissions stripped or added user permissions on a role-basis with expiration dates.

If a hacker were to gain the credentials of a user, it is unlikely that they would be able to gain access to an exorbitant amount of files. Once the breach occurs, the risk management team can quickly remove all permissions from the affected user, denying the cybercriminal the opportunity to interfere with your data.
Store Important Data Off-Premises 

In today’s world, it’s not if an organization will be hacked, but when. Organizations need to invest in an off-premises storage location for their most important data.

By storing documents in a private AWS or Azure tenant with the metadata and security stored in software solutions, like Prosperoware CAM, organizations can create an archive that serves as a back-up in case of a breach or outage. Users can access the archive through a One-Time Password (OTP) and download or check-out documents through a profile search. Once systems are back online, service desk or end users can check the documents back in.

For instance, if a breach were to occur, your organization would have peace of mind knowing that hackers cannot hold data ransom over them because they have that document archive. Not only that, but your organization can still access this data and maintain business continuity.

Disposing of Data

While protecting the most important data is paramount, organizations may not realize disposing of extraneous data is equally important. Without deleting the unnecessary data from past projects and matters floating around your organization, you’re creating a “buffet” of data for hackers to choose from. This data, while unnecessary for current business, may contain client information or organizational property.

Implementing data minimization policies requires involving your key business departments and strategic leadership. Each department has unique data needs, and you need to understand them before deciding the disposition journey and when to engage in full data deletion.

For some organizations, simply moving data to their primary content repository and then deleting it in a few years is enough. Some require a more detailed approach involving archival and anonymization. The steps your organization assigns for its disposition process are a group effort and depend on your business case and strategy.

Regardless of which way your data minimization strategy unfolds, data should only be kept for as long as it is useful. That’s why proper data minimization policies can mitigate risks leading to cyberattacks, keep your organization compliant with regulatory standards, increase efficiency, and save money.

While these steps are all part of effective risk mitigation and data protection, it can be a time-consuming process to implement them manually. Sometimes a software solution is needed to take you the extra mile.

How Prosperoware Helps 

Prosperoware CAM is a Software-as-a-Service platform (SaaS) for adoption and governance of collaboration systems. It allows organizations to provision, classify, protect, move, and minimize data, mitigating data chaos and reducing risks related to privacy & cybersecurity.

CAM enables organizations to create logical locations for users to place data. It provides rich custom metadata, empowering users to locate documents, and risk management teams to understand business context in order to apply the right security & data minimization policies.

CAM integrates with Microsoft 365 (Microsoft Teams, SharePoint Online, OneDrive, OneNote, Planner, Lists), iManage, NetDocuments, HighQ, and more to come.

Here is what CAM can do for you:
    • Provisioning of workspaces, Teams, Channels, Lists, users & groups, and folders from Project Portfolio Management, CRM etc., or through a human workflow using readily available templates.
    • Rich, custom metadata for project or document context.
    • Unified project directory for content location for end users and risk management teams.
    • Provision automatically or on-demand internal & external users, manage permissions across collaboration systems, and integrate with leading ethical wall systems.
    • Data Loss Prevention (DLP) with activity monitoring and bulk security & metadata changes.