Plugging data leaks improves agencies’ compliance with reporting requirements
More than half of U.S. federal agencies have failed a compliance audit due to data security issues in the past year, according to at least one recent report. The failure rate isn’t surprising. As more agencies modernize IT infrastructure, embrace the cloud and encourage greater collaboration, sensitive data has become vulnerable. At times, insufficient data security has resulted in fines, lost jobs and the scrutiny of Congress and the news media.
Worse, the risk to data remains even when agencies take prescribed precautions, such as implementing anti-malware software, firewalls and intrusion detection and prevention systems. Those tools, while important, are designed to broadly protect the infrastructure, not specific data.
As a result, security gaps occur, most frequently during transition periods in the data lifecycle, such as when data is uploaded, copied or moved during typical business workflows. During these times, data leaks can occur, ranging from the theft of credentials and downloading of sensitive data to the planting of malicious bots. With security gaps present, auditors can’t ensure that data is secure over time, nor can agencies prove that they are in compliance with applicable regulations...
To read more about how thought leaders at General Dynamics are approaching the challenges of protecting enterprise data, click below to request the full whitepaper.