cyber trends no logical reason to have access to that data in the first place .
In the pre-cloud world , when most data was held on-premises , data access was more easily controlled . However , even back then , inconsistent access control lists ( ACLs ) and global access groups put data at risk and it was common for users to put data on shared or networked disk drives .
In recent years , data volumes and storage locations have proliferated enormously . Today , it is almost impossible to find and fix all inconsistent ACLs .
Users may already be aware of which data is highly sensitive . So , unless restrictions make it impossible to move this sensitive data , it ’ s bound to end up in an insecure location at some point .
The shift to remote working
The rapid uptake of cloud-based collaboration tools to support the shift to remote working has made this problem much worse . Tools like Microsoft Teams enable users to create new repositories for data and share access to that data with anyone in the organisation . Often , IT and security lack insight into how data is being shared and resaved . For example , anyone using Microsoft Teams can create multiple SharePoint sites online , add users with various levels of access or make access available to anyone : all with a few clicks and no technical expertise . Placing access restrictions on all data would do much to curb such practices but doing this presents a huge organisational challenge . It can be challenging to identify sensitive data and its degree of sensitivity , to apply appropriate controls .
To do this , organisations need to know where data is stored , who has access www . intelligentciso . com
19