Digital transformation can put a modern enterprise at a crossroads: Should the organization take a strict or flexible approach to information protection?
A strict approach involves monitoring employees’ use of corporate assets, while a flexible approach aims to limit the impact on employee productivity and privacy while still protecting valuable corporate information. Each approach has its pros and cons. So, when deciding which approach will work best for your organization, consider the following questions:
- What is the productivity impact if employees can’t do their jobs effectively due to information access and sharing restrictions?
- If information is exfiltrated from the enterprise, either carelessly or maliciously, what is the business impact?
- What are the regulatory and compliance implications of monitoring employee activity on corporate assets?
Different approaches, different steps
In our information protection deployments, Proofpoint has seen enterprises taking the following steps with these two different approaches:
- Start with the most aggressive prevention controls on all users
- Educate users on why strict controls are in place and when to ask for exceptions
- Grant exceptions through escalations to support business needs
- Start with monitoring policies to understand potential risky behavior
- Educate users on best practices when sharing company information
- Establish prevention controls based on observations of risky behavior
Employee privacy: a shared concern
Respect for employee privacy is a shared concern in both approaches to information protection, and it’s addressed according to local regulations and compliance needs.
For example, screenshots of employee activities are typically captured when sensitive company data is at risk or if the employee engages in misusing corporate assets. But such capture is almost always avoided if there’s a risk of capturing an employee’s personal information.
One platform to support either approach
The Proofpoint Information Protection Platform enables either approach to information protection for enterprises. Here’s how it helps:
Flexible policy management
- Security administrators can configure data loss prevention (DLP) policies so that only activities related to sensitive data movement are captured and enhanced with user/application/web context.
- In cases that require monitoring of risky behavior, insider threat management (ITM) policies can be deployed to collect additional context around full user/application/web activities for forensic investigations.
- Optionally, if strict prevention needs to be employed, prevention and remediation controls can be configured to stop data loss.
Granular data access
- Security administrators can configure granular data access policies based on criteria such as a user’s country, function and activity type to ensure that user activities are viewed only on a need-to-know basis.
- Data access policies can be assigned to analysts as investigative needs arise and if proper approvals are obtained.
- Access to user data can be time-bound to help limit data exposure.
Learn more about information protection in our webinar
To learn more about how Proofpoint can help you balance information protection with employee productivity and privacy and to see a live demo, please watch the webinar that we hosted on March 24, 2022.