“If you know the enemy and know yourself,
you need not fear the result of a hundred battles.”
– Sun Tzu, The Art of War
A critical element of any security plan is to assert command and control of every route through your defenses. This applies to airport security, military defense, and of course, to information security. To set up a defense, you need to understand the ground you are defending as well as the true intent of the adversary.
Adopt modern defenses to keep pace with growing threats
Over time, threats to information security, such as ransomware and network intrusions, have grown with the volume of information. Besides volume, the allure is the lucrative payoff of accessing personal and financial information stored on most networks. The good news is the availability of far more sophisticated defenses against network intrusion and unauthorized access, such as two-factor authentication. At the same time, however, most organizations need a better understanding of the information assets they are guarding, where they lie, who has access and novel approaches adversaries use to profit from information access.
Adopt a strong information governance program to increase protection
Security that depends solely on perimeter defenses and two-factor authentication is wholly insufficient. Organizations must have a rich understanding and effective control over their information assets. Keeping legacy content on large network file shares or archives with broad access is a data leak waiting to happen. Employing a strong information governance program that eliminates legacy information past its legitimate retention period and carefully manages the rest are key first steps in protecting the most valuable information assets. In particular, protecting content starts with taking a closer look at which content contains sensitive data such as personal, financial, and health information and applying “need to know” level access controls that prevent such documents from showing up broadly in search results or being exposed to large-scale downloads of content.
OpenText is a trusted information governance partner to thousands of organizations worldwide, helping them protect and preserve content. Ultimately, this depends on expert information management and ongoing innovation. To that end, we’ve prepared the “Critical content protection and risk mitigation guide” that will lead you through key steps to achieve Zero Trust Information Governance. Access it below.
