Earlier this year multiple European governments and media agencies were given a stark reminder of the pervasive cybersecurity threats that exist in a world without traditional network perimeters. The Zimbra webmail zero-day attacks sent organizations scrambling to contain the damage when a cadre of suspected Chinese hackers infiltrated these organizations’ systems in an attempt to spy on users and access their emails.
The operation, dubbed “EmailThief,” was further evidence that, in network environments that have become nearly completely borderless and cloud-driven, it’s no longer enough to implement firewalls or traditional means of data protection. Today, your organization must take a more targeted approach to protect the most valuable thing it has, the one thing all hackers are trying to access and control: your data.
Perhaps your organization is in one of the many industries where data protection is especially important: financial services, government, or health care. Perhaps it was even one of the 200,000 companies and 1,000 government agencies that were potentially impacted by the Zimbra attack. Regardless, this type of attack is becoming more commonplace; it was not the first of its kind, and it will not be the last.
That’s what drove President Biden to release his Executive Order on Improving the Nation’s Cybersecurity. At the heart of the executive order is the need for better data protection. Implementing a zero-trust security architecture is the recommended solution, but how do you do that in an environment where data sharing is just as important as data security?
The answer is to adopt a data-centric approach to data security that is about more than just making sure only the right people have access to the right information. It’s about securing the data objects themselves so that information is highly protected, even in a perimeter-less environment. It’s about providing users with the confidence to be able to share sensitive information freely, without giving up control and compromising data sovereignty.
Let’s look at two key steps you can take to create an effective zero-trust security architecture that focuses on data protection.
Security officers have been trained to defend their organizations’ “attack surfaces,” but what does that even mean anymore? Attack surfaces aren’t what they used to be. Today, an attack surface could include cloud services, third-party service providers, remote work environments – the list goes on.
Yes, you must continue to do your level best to protect endpoints, networks, and such. But you should also think more granularly and shift your focus away from macro policies designed to protect your overall network in favor of micro policies that protect emails, files, applications, and more, and the data they contain – regardless of where that data resides.
By shifting your efforts toward these pieces of information, you’re putting your cybersecurity efforts right where they need to be. Instead of devoting all your time and resources to protecting an ever-broadening perimeter, you’re ensuring that at least some of these resources are being applied to what matters most. With this level of protection, even if your network is breached, or a user identity is compromised, your data will remain safe.
But what happens when that data leaves your premises? After all, data is always in motion. Sharing information between agencies was how our government was able to make strides against the COVID-19 pandemic. It’s what enables business partnerships that drive innovation and growth.
Protecting data that’s constantly in transit requires applying policy control directly to data objects. This can be done through controls like the open standard Trusted Data Format (TDF), which allows organizations to use military-grade encryption around emails, files, and other data objects. With TDF, data is well-protected no matter where it exists – even while in-flight – and ownership and control are maintained by the party that created and maintains the data.
TDF has been in use by U.S. Intelligence agencies since 2012. Since its inception, it has become a go-to solution for government agencies looking for a secure way to protect data objects. TDF integrates into the workflows organizations use every day and essentially places a wrapper around the objects that stays with them wherever they reside. Organizations can attach role-based access controls to the data and implement simple policy controls around the data itself to ensure its protection across any environment.
The Zimbra attack was one of the latest reminders of the potential damage that determined hackers can do when they’re able to obtain access to information. We’ll get plenty more reminders in the months and years ahead. For now, we can rest assured that we can protect against future threats. The answer lies in expanding our focus beyond the network perimeter and concentrating on protecting the data itself.