Are our systems secure? Is our valuable content safe? These are tough questions to tackle when news headlines regularly bombard us with messages of cyberattacks and security breaches. Centrify, a zero-trust and privileged access management provider, reported that 71 percent of business decision-makers are concerned that the move to remote working creates a significant increase in the risk of cyberattacks.
In August 2020, Egnyte partnered with Wakefield Research to survey 400 C-Level IT executives from across the U.S.* to understand how the remote work revolution is changing their governance strategies, and what they’re doing to get ahead of this sea change.
We’ve all been subjected to quaint media features that try to make business leaders seem like a joyful walk on the beach. They usually have a title like, “A Day in the Life of the CIO,” and they are laden with tropes that try to make the person relatable (“…and at 9:34 am, I finally get around to drinking that latte I got at Starbucks on the way into work!”), but truly the whole thing is just an annoying ploy to make you feel inadequate.
An unsecured AWS S3 bucket with 5.5 million business files was recently discovered by security researchers at vpnMentor. All of these files were publicly available without any password protection or other security protocols attached to them. This kind of thing happens regularly with cloud service providers, and it often occurs when IT teams neglect to set security and compliance rules within their cloud environments.
I sometimes wish someone with gravitas had said, “There is no content without security.” That would have looked good coming from Churchill or Lincoln. But their lack of foresight about content services doesn’t diminish a very important fact, one that carries its own brand of import: the importance of security and governance for a company’s critical data.
Last year, Capital One showed the world why data governance is so important when it was the victim of a massive data breach that exposed the personal data of 106 million customers. It is still one of the biggest hacks ever recorded, and the company has now been fined $80 million by banking regulators. A “what’s in your wallet” meme would work great here, but let’s keep this classy.
Chaos is never good for business, but the reality is that it’s the state in which many companies live on a daily basis. The global pandemic shut down offices and dispersed workforces to employees’ homes and other socially-distanced locations. Without data governance plans to support remote workers, employees scavenged for, and used, tools and processes that helped them get their jobs done, often with little regard for long-time implications or risk to the company.
APIs are everywhere within your organization. Many may be internal, but we’re willing to bet there are many third-party web services and APIs that your business depends on too. Keeping track of them all, and ensuring that your team chooses the best APIs for their needs can be a challenge. In some cases, your organization may be using an API they don’t even know about. The solution to this “web of APIs” is to apply the concept of API governance to your API dependencies.
