Sundaram Lakshmanan, CTO of SASE Products, Lookout, Inc.
Catch
In the cloud-based world, the line between work and life has blurred. In one moment, you can review company documents, and in the next, manage personal finances, all from one device. While this has made work more flexible, it has also created challenges for data security and IT teams.
Traditionally, data protection solutions have centered around everyone using corporate laptops and working inside offices, where environment-based tools can monitor all activity. But with the shift to hybrid working and cloud services, users can work from anywhere. Whether company executives or employees, people are increasingly using personal mobile devices and open and unsecured Wi-Fi networks as part of their hybrid work.
To truly enable hybrid working while protecting data, organizations must understand this new way of working and adapt their security approach. Instead of providing denied access, focus on surrounding data and events, including user behavior, the health of the device being used, the application required, and the sensitivity of the data seeking access. This change not only increases the efficiency of data protection in a hybrid workplace, but also gives security the agility to become a business enabler.
Security that works everywhere
Historically, IT and security teams have been called the “numbers office”. Employees were asked to work in a certain way, be it the location, the type of device or the programs they could use. Now that hybrid work is permanent, it is no longer feasible to require employees to adhere to these rigid policies. Workers are used to working from anywhere and using their personal devices, not corporate endpoints. This flexibility is expected and standardized in the modern workplace.
In the past, data security was maintained by having separate devices. Many people had a work computer or phone and a personal device. Now, everything happens on one device, which means IT departments must change the way they protect corporate data. Focus on data to increase the efficiency of your security operations while enabling seamless business operations. To get there, you need a solution that scales to the different places your business-critical data resides, whether it’s SaaS applications, private applications, cloud storage, or people’s personal devices.
Turn security into a business enabler
Instead of being the “no office,” IT security must become a business enabler. IT departments can no longer lock down data or control how employees can access the data they need. This change can seem like a lack of control at first, but it’s simply finding a different way to provide security that can also enable business and productivity.
This is where a converged approach to security comes in. Organizations must have access to a unified policy engine alongside data protection capabilities within the same security platform. This should include data loss prevention to identify and enforce data policies, analyze user behavior, and control digital rights to encrypt data so that only authorized and verified users have access.
Digital information now moves without borders or restrictions. Data is the new currency of life and a corporate data breach can affect a company one moment and an individual the next. Productivity now depends on the ability to get work done anytime, anywhere, and on any device. IT security needs to match that and move as seamlessly across borders as employees and managers. No matter the location, device or type of data, security must be present.
While the lines between work and life, as well as home and workplace, have disappeared, security need not disappear. From interns to executives, workers use the device and network that is most convenient for them. IT security must have this flexibility. By focusing on data protection, organizations can create a data protection strategy that is highly effective without sacrificing productivity.
The Forbes Technology Council is an invitation-only forum for CTOs, CTOs and CTOs globally. Am I eligible?
