Keeping in control when it comes to file sharing is high on the agenda for many enterprises. Limiting data sprawl lowers the chances of a data breach (whether intentional or accidental) and improves compliance. Here are our top tips for staying on top of your file sharing:
Train and empower employees
Let your business users know about potential security risks associated with file sharing. The training doesn’t need to be dry, there are plenty of interactive apps and techniques that can make it fun and more effective.
Once your teams are up to speed, make sure you empower them to make decisions about the data they own. You need to give them the right tools to do it though, so it doesn’t impact on their day-to-day responsibilities. Torsion places the power of data access governance back in the hands of the information owners but does most of the work in the background so it’s super quick and easy for the user.
Integrate file sharing governance tools with collaboration platforms
Collaboration platforms such as Teams, Sharepoint and Office 365 enable employees to share files at the click of a button. Whilst this sharing drives creativity, collaboration and productivity within an organisation, the volume of data being shared (data sprawl) can easily become out of control and out of date.
By integrating Torsion alongside your collaboration platform, any out of context access is automatically detected, out of date access is revoked and permissions are enforced automatically too.
Audit & compliance
Organisations should be able to prove who has access to what, why and when at any given time. This can cause a logistical nightmare for many organisations when it comes to compliance checks and audits but with Torsion, it’s always available at the click of a button and you have complete visibility at all times.
Revoke access
Data sharing can easily sprawl, with thousands of files, folders, sites and permissions out of date and forgotten. Any out of data access needs to be revoked but this is impossible to do manually. Torsion monitors who should have access, why they need access and how long they need access for – anything outside of the company policy or out of date gets automatically revoked.
Think external as well as internal
Remember to monitor what’s being shared outside of an organisation as well as internally. Again, this is difficult to do manually but Torsion can identify when something shared doesn’t look quite right and flags it up to the data owner or manager so they can approve or reject it.
Know ‘why’ as well as ‘what’ and ‘when’
To meet most compliance requirements, you need to know and prove ‘why’ somebody has access to a piece of data as well as ‘who’ has access and ‘when’ they access it. The ‘why’ could be because of their job role, the department they work in, for a specific project, holiday or maternity/paternity cover etc. Torsion applies ABAC (Attribute-Based Access Control) to automatically assign access based on why people need access, rather than name based permission access. For example, instead of people in finance roles all having access to the same files, sites and folders, ABAC and Torsion add extra layers of security, such as only allowing access to files with specific sensitivity levels or only for a specific period of time (Torsion than automatically revokes access when it is no longer applicable).
For more information or to arrange a free demo of Torsion email info@torsionis.com.