Comment on [deleted]

ITeeTechMonkey@lemmy.world ⁨2⁩ ⁨months⁩ ago

I hate to say it but company data is most definitely on personal computers.

This is why stuff like adaptive MFA and DLP are a thing. What most people don’t know is if DLP is properly implemented the IT team/department have records of who, when, where, and what device were used to not just access/download data/files.

The problem is a lot of companies don’t properly implement DLP because it’s not a turn key solution. You need to properly classify your data first and that requires essentially a company wide audit with buy-in from all levels of management. After the classifications you can then implement restrictions and compensating controls.

Back in the day you could just block USB/network transfer, but if you have data accessible outside of a corporate network you then need to implement conditional access/adaptive MFA where only registered devices are permitted to access certain systems.

source
Sort:hotnewtop