There is no escaping data security. With so many tasks and transactions now being done virtually, every consumer is faced with an unending stream of requests for logins, passwords, two-factor authentication codes, captchas, and more.
On the enterprise side, users have to negotiate through a labyrinth of security layers and access controls to get to the data they need or to share it with others to perform their duties. In other words, data security is very much in your face 24/7.
5 Trends in Data Security
1. Remote and hybrid working have thrown a wrench in the security works
No one could comfortably say that data security was under control before the pandemic. But it was not wildly out of control either. With so many now working from home and so many of those determined to stay home, the security perimeter of the average enterprise has become permeable.
Two-thirds (66%) of business leaders said they’re considering redesigning office space, according to Microsoft. At the same time, there is contention: 73% of employees want to stay flexible with working options, while 67% want more in-person collaboration.
The bottom line is that remote work is unlikely to go away. This leaves IT departments with a much bigger problem when it comes to ensuring complete security of enterprise data.
2. The increasing professionalization of ransomware
Security firm LIFARS notes that cybercriminals have become far more organized and professional of late to raise the efficiency of their operations.
Hacking gangs have established a data publishing cartel to sell and distribute data on the dark web. Ransomware-as-a-Service (RaaS) schemes abound to arm criminals with plug-and-play tools to launch malware and ransomware attacks. Flush with cash, they are even funding cybercriminal startup organizations to help them get ahead in the marketplace.
“Data security is an ongoing challenge for many organizations as ransomware gangs evolve and refine their strategies,” said Javvad Malik, security awareness advocate at KnowBe4.
“No longer does ransomware simply land and encrypt, but criminals have developed skills to stay inside an environment longer to determine the most valuable data to steal, corrupt, or encrypt. RaaS has increased in popularity, and criminals are also learning to avoid certain government departments and hospitals to avoid backlash.”
As a result, just about anyone in IT now has to augment their skills by becoming a data security specialist.
See more: Data Security Market 2021
3. Multifactor authentication becomes the norm
It hasn’t taken long for multifactor authentication (MFA) to become a standard.
These days, almost any app is now requiring it. The ease of use of tools like Google Docs, for example, has been impacted by growing demands for MFA.
“As part of the remote working shift, secure authentication saw a boost largely fueled by concern over data breaches and privacy compliance regulations,” Malik said.
4. Data security must extend into the cloud
Cloud providers went to such lengths to highlight their security procedures that many were lulled into a false sense of security.
As it turns out, data security is just as important in the cloud as on premises. IT is still responsible for data security even if the data is sitting in a “highly secure” cloud repository.
“The pandemic led to a larger and more rapid adoption of cloud services,” Malik said.
“With this shift, many organizations realized they weren’t just faced with technological challenges, but were overwhelmed by the need to update or create new procedures to deal with the changing landscape.”
As well as how to administer cloud data, one of the biggest procedural shifts was how to implement, manage, and enforce data security in environments beyond the traditional IT perimeter.
“Many have moved their data to the cloud, but this has not eliminated the need for data security. It has either moved it to a different vendor — for example, Microsoft and Office365 or just moved it from a physical device to a cloud-hosted VM — for example, Azure and AWS,” said Ashley Leonard, president and CEO of Syxsense. “You still need to think about security.”
5. Security is now top of mind
According to Tessian, 47% of tech workers fall for phishing scams. The average cost of a data breach resulting from remote work is placed at $137,000, according to Deloitte. And the “Phishing Activity Trends Report” by the Anti-Phishing Working Group notes that the volume of phishing has doubled in 2020.
There is no vertical that is immune to ransomware, with financial institutions, webmail, and social media as the segments most frequently victimized.
That’s why data security is not just top of mind in IT, but also in the board room. The “State of the Data Center Industry” research report found that 59% of respondents are particularly worried about ransomware. The current solution being implemented by many is zero-trust security. Faced with these trends, it is garnering more interest as organizations seek to create perimeter-less security models to protect their data.