Nothing accelerates change quite like a crisis.
For many years, technology leaders and Chief Information Security Officers (CISOs) have wrestled with a common set of security challenges. These pain points have been amplified since COVID-19 disrupted our work environments. At Box, we have seen our customers and partners accelerate their decision-making to address security needs, which have taken on a new level of urgency.
This "new-normal" is challenging, but it also presents an opportunity. As we settle into a deeper understanding of what our remote-working future looks like, enterprise leaders can take advantage of this turning point to embrace security differently.
Doing so starts with understanding what operational excellence looks like in a non-crisis environment, then applying the right tools to address our biggest risks in the current environment.
The four pillars of security excellence
Building operational excellence in the information security environment has four key pillars: Content, Access, Visibility, and Remediation.
The first pillar is the content itself. Content sprawl happens when organizations don’t know where their content is being stored. In contrast, good information governance leads to content consolidation—a best-case scenario when an organization maintains awareness and ownership of where their content lives. Without it, organizations face data leakages, and the crown jewels of an organization could be scattered anywhere.
The second pillar is access. This includes access rights for on boarding and off-boarding new employees. Most organizations are enthusiastic about setting up new users, which can lead to access proliferation, but they’re less adept at removing access when it’s no longer needed and ensuring that devices accessing corporate content remain secure. Access integration brings order to that chaos by making sure that access is limited to those who need it, by deploying solutions such as Device Trust for users and their devices.
The third pillar is visibility. As organizations increasingly rely on multiple platforms and applications to do their work, true security requires knowing which pieces of content are being used by whom, and maintaining the ability to detect threats. That visibility is made possible by having a single pane of glass that lets you apply and monitor your security posture consistently, regardless of whether your content is being stored and accessed natively, through third-party applications, or through a collection of APIs. This single pane of glass is possible by building upon the foundational pillars of content consolidation and access integration.
The fourth pillar is remediation, which addresses how an organization responds to anomalous activity. Effective remediation is built on baseline information about how users and processes in the system behave—who typically accesses which documents from which locations—and having a response system you can trust to address those anomalies.
In any work environment, failing to address these pillars creates security risk, and these threats have been amplified in recent times.
Transforming how we approach security
In spite of existing challenges, enterprises still had to instantly scale up their capacity for remote work when COVID-19 struck. As the healthcare crisis continues, organizations must still support their day-to-day operations without compromising security. Just as we have seen a shift from cloud-first to cloud-only, we are now seeing a shift from remote-first to remote-only. This has senior leaders in enterprises around the world asking a very fundamental question: “In this new world, how do we manage remote work with the level of precision that we need?”
I believe that level of precision demands a different way of thinking about security. Secure remote work can’t be a band-aid approach —it has to be a way of life. That means organizations need to provide employees with secure access to essential information and maintain threat detection tools using controls that are built-in, not just bolted-on. The enterprise leaders who will thrive in our new digital reality are the ones who adapt to building security into their processes and applications.
The good news is that they can leverage technology to do it without creating unnecessary friction for end users.
Protecting information with technology that is built in, not bolted on
With AI/ML and automation, we have an incredible ability to identify patterns and anomalies and implement standard protocols in response. Machine learning models can understand when data is sensitive and needs greater protection, shutting down certain actions without human intervention. More importantly, the model can learn which responses are appropriate in which circumstances, allowing a more precise application of security protocols, while ensuring that you're neither overprotected nor under-protected.
Using automation successfully relies heavily on the single pane of glass you need for operational excellence. Organizations need to have a high degree of trust in the intelligence they generate from that single pane of glass, so they can be confident that the actions they take through automation are commensurate with the level of risk. You don’t want a security solution to create more work by constantly “crying wolf.”
The other tool is data classification—an idea everyone believes in, but few want to tackle because it can feel like such an overwhelming task. Many organizations have basic policies that explain how documents should be classified (such as secret, proprietary, confidential, internal, and so on), but these systems typically depend on users to classify them, and the policies are rarely enforced.
However, we can deploy classification at the scale and velocity organizations need by leveraging the ability of AI and machine learning to identify patterns. For example, ML algorithms can be taught to spot social security numbers or credit card information, or other personal and private information that warrant a specific level of protection, increasing our ability to apply the right layer of security to the right information.
To work effectively, the models need to be “trained” by humans, who can tell the system when they’ve flagged the right and wrong things. However, when implemented well, the models basically give organizations the power to freak out about the right things and avoid becoming desensitized to endless alerts from a poorly designed system that identifies everything as a problem.
Applying these tools alongside the four pillars of operational excellence is where Box excels. Box consolidates content into a trusted ecosystem that serves as a system of record that can drive business resilience and process excellence. It integrates seamlessly with the many systems of engagement—the best of breed apps and platforms that companies use to do business—and uses technology to accomplish tasks that can’t be done manually or with bolted-on solutions.
To learn more about how you can achieve secure and convenient remote work with Box, and how we’re continuing to differentiate with our built-in security capabilities, I invite you to register for our August 6 webinar, called Revolutionizing Data Classification with Box.