• 0 Posts
  • 3 Comments
Joined 1 year ago
cake
Cake day: June 22nd, 2023

help-circle


  • I hate to say it but company data is most definitely on personal computers.

    This is why stuff like adaptive MFA and DLP are a thing. What most people don’t know is if DLP is properly implemented the IT team/department have records of who, when, where, and what device were used to not just access/download data/files.

    The problem is a lot of companies don’t properly implement DLP because it’s not a turn key solution. You need to properly classify your data first and that requires essentially a company wide audit with buy-in from all levels of management. After the classifications you can then implement restrictions and compensating controls.

    Back in the day you could just block USB/network transfer, but if you have data accessible outside of a corporate network you then need to implement conditional access/adaptive MFA where only registered devices are permitted to access certain systems.