Have a heartbreaking story of insider threat? Sign up for our Data Privacy Month emails for a chance to win one of five Canary All-in-one Security Camera Systems!
March 9, 2017 | Leave a Comment
By Frank Khan Sullivan, Vice President/Marketing, Strategic Blue
There is a need to communicate a project’s maturity to a non-technical audience. The Market & Technology Readiness Level Framework [PDF] aims to provide decision makers with a holistic view of a project’s maturity in a simple way – with a single score. It offers a faster way to assess, measure and support technology projects. The MTRL Assessment form is at the bottom of this article for those interested.
This framework has been developed by Frank Khan Sullivan, Michel Drescher from Oxford University e-Research Centre and Frank Bennett at Cloud Industry Forum, and was originally used to support several European Research & Innovation projects in cloud software and security to develop a go-to-market strategy at CloudForward 2016.
We will be accepting the next intake round of projects and businesses at Cloud Expo 2017 in London on Thursday, March 16 at 14:00 in the Cloud Innovation Theatre. The session is free to attend and will be hosted at the ExCeL Centre near Docklands. We will joining the CloudWatch2 project consortium speaking on March 15 on the European Digital Single Market and why trust is vital to the future cloud market.
By adopting the MTRL framework R&I projects can benefit from:
- Access Direct Support Workshops* before or during project reviews
- Quickly assess the maturity of a group of projects in a cluster/portfolio
- Communicate clearly the current and desired future state of a project
- Reduce the risk of project failure by intervening before crisis points
- Understand roadblocks and dependencies between TRL and MRL
Understanding How To Communicate R&D Projects
The decision to exploit outputs of applied research projects often rests on a decision maker’s understanding of how value will be created. The project leader must articulate a project’s current state of maturity, and demonstrate how it will progress through development stages. However, what the project leader wishes to communicate and what the decision maker understands does not always match.
Creating a Common Framework for All Stakeholders
Without a common framework to understand how mature a technology is, or its level of traction with its target users or constituents, funding and operational decisions take longer. The MTRL framework provides a common language for project leaders and funding decision makers to articulate their progress between stages.
Technology Readiness Levels are a widely accepted measure of the maturity of a technology, however, it obscures an important dimension – is the technology or project output ready to be brought to market, and if not, what can be practically done to accelerate its entry and subsequent uptake within a group of constituent users?
For example, if a project has developed a small scale prototype but has yet to validate the needs of its intended users, much effort and funding may be expended in the pursuit of features for a large scale prototype that will never be used.
Combining Technology Readiness and Market Readiness
By understanding both the current state of a project’s technology and market readiness, it becomes possible to offer more targeted support, such as refinement of a value proposition or closer pairing with an industry partner. This in turn increases the likelihood of a project’s outputs persisting outside the lab, reduced dependence on increasingly scarce grants and a more efficient use of existing resources.
First Success Story: CloudTeams.eu launches in Europe
CloudTeams.eu joined us at the CloudForward conference in Madrid back in October 2016 to conduct a Market & Technology Readiness workshop. Less than 6 months later, they have now successfully launched and made a major leap forward in executing their go-to-market strategy. CloudTeams is an innovative online platform connecting developers and users to speed up the collection of feedback from a target group of users to reduce time-to-market, reduce costly development errors and validate feature sets. We would like to take this opportunity to congratulate them on a really great project!
Conclusion: The MTRL Framework is ready for rollout!
In summary, the MTRL framework helps decision makers understand what resources may be required to progress through specific stages of development in the project lifecycle. This becomes particularly relevant in reducing the time it takes to assess groups of technology projects in clusters and making support accessible before reviews.
For project leaders: Request an MTRL Assessment and Direct Support Workshop
For funding bodies: Learn about implementing the MTRL Assessment Framework
Special thanks to Michel Drescher, Frank Bennett and Prof. David Wallom for their inputs in developing the methodology and thinking behind the framework. Feel free to connect with me directly to discuss how MTRL Assessments can be used to help your fund, project or go-to-market strategy/business models.
March 8, 2017 | Leave a Comment
By Jeremy Zoss, Managing Editor, Code42
It’s 2017, which means there’s a good chance your company is preparing to migrate to Windows 10. The operating system may have launched back in 2015, but this is the year that Gartner predicts enterprise adoption of the operating system will truly take off, hitting its peak in 2020.
What caused the delay in adoption? Based on a Spiceworks survey, concerns included stability, application compatibility, and security. Perhaps the largest factor, however, was large corporations opting to combine their move to Windows 10 with a device migration. Typically, these purchases occur every two to four years, so may companies were simply waiting for the next hardware purchase cycle to switch to the new operating system.
Whether combined with new machines or upgrading existing hardware, there are many factors to consider during device migrations, and the costs may surprise you. Fortunately, Gartner has also prepared an extremely detailed report on the costs and challenges of moving to Windows 10. Read the report today to discover:
- The typical costs to migrate a PC to Windows 10.
- The key factors of migration cost.
- How to determine your budget for migration costs using Gartner’s model.
- How to improve migration before it starts.
February 24, 2017 | Leave a Comment
By Jeremy Zoss, Managing Editor, Code42
In the movies, data theft is usually the work of outsiders. You’ve witnessed the scene a million times: A cyber thief breaks into a business, avoiding security measures, dodging guards and employees, and making off with a USB stick of valuable data seconds before he or she would have been spotted. But in the real world, data theft is much more mundane. Most cyberattacks are carried out by someone within the company or someone posing as such. Sometimes they take data that’s essentially harmless, like personal files they feel entitled to keep. Other times, what they take is potentially much more harmful. According to a 2016 report from Deloitte, 59 percent of employees who leave an organization say they take sensitive data with them! With IP making up 80 percent of a company’s value, insider threat is something that every company should take seriously.
Some industries are much more at risk of insider threat than others. Is your industry one of the most vulnerable? The infographic below details the industries hit with the most instances of insider threat in 2015. If you work in one of these industries, perhaps it is time to revisit your cyber security policies.
February 23, 2017 | Leave a Comment
By Derek Gooley, Security Researcher, Zscaler
The majority of Internet traffic is now encrypted. With the advent of free SSL providers like Let’s Encrypt, the move to encryption has become easy and free. On any given day in the Zscaler cloud, more than half of the traffic that inspected uses SSL. It is no surprise, then, that malicious actors have also been using the SSL protocol in their activities over the last several years. The increasing use of SSL creates problems for organizations that are unable to monitor SSL traffic, as they must rely on less-effective techniques like IP and domain blocking in an attempt to identify and block threats.
In this report, we will outline trends we have seen in the use of SSL in the malware lifecycle and in adware distribution, based on a review of traffic on the Zscaler cloud from August 2016 through January 2017. What follows is a graphic illustrating our findings, and an analysis of recent activities.
Malicious SSL Activity
During the six-month period, the ThreatLabZ research team observed that the Zscaler cloud blocked an average 600,000 malicious activities each day that used SSL, including exploit kit traffic, malware and adware distribution, malware callbacks, and other malicious traffic.
Figure 1. Total SSL blocks, August 2016 – January 2017
In our cloud, we observed an overall increase in malicious SSL traffic in nearly all categories — a trend we expect to continue — with periodic spikes, such as those in early August and late November, when SSL malware blocks reached nearly two million a day.
Browser Exploits and Payload Delivery
Exploit kit (EK) authors are more frequently including SSL in the infection chain at some point. Previous malvertising campaigns have been observed in which EKs took advantage of SSL-enabled advertising networks to inject malicious scripts into legitimate webpages. EK authors may also abuse services that provide free SSL certificates to add HTTPS support to their maliciously controlled domains. This maneuver enables them to bypass the SSL integrity checks built into modern web browsers.
Figure 2. SSL web exploit monthly total hits, August 2016 – January 2017
Figure 3. SSL web exploit blocks, August 2016 – January 2017
During the observation period, we saw an average of 10,000 hits per month for web exploits that included SSL as part of the infection chain.
Figure 4. Phishing blocks, August 2016 – January 2017
Phishing campaigns have been increasingly using SSL in their attacks. Many phishing attacks involve hosting the phishing page on a legitimate domain that has been compromised. Since the number of legitimate sites that support SSL is constantly increasing, so are the number of SSL-enabled phishing attacks. This rise presents a significant threat, because organizations, in an attempt to thwart ransomware and other phishing schemes, have implemented security hardware solutions to detect and block phishing, but few of them support SSL inspection.
Malware Families That Use SSL
Several years ago, it was rare to see malware using SSL to encrypt command-and-control (C&C) mechanisms. As malware design has become more sophisticated, and with the near ubiquity of SSL on the Internet, it made sense for malware authors to begin using SSL to hide their activities. Some malware families have gone further, using anonymity services such as Tor to hide the location of their C&C servers, connecting to (otherwise legitimate) HTTP Tor gateways via SSL.
Botnets typically use self-signed SSL certificates, frequently using the names and information of real companies to try to appear legitimate. The SSL Blacklist is a project that tracks the SSL certificates used by malware authors.
Figure 5. Malware callbacks over SSL, September 2016 – January 2017
Corresponding with the increase in malicious payload deliveries in November 2016, we also observed an increase in blocked malicious SSL traffic during that time.
In our analysis, we came across many malware families that were using SSL for malicious purposes. Some of the recent and notorious malware families actively using SSL are:
- Dridex/Dyre/TrickLoader: The Dridex, Dyre, and TrickLoader banking Trojans are capable of communicating to the C&C servers via SSL using its own SSL certificate. These family previously used the common browser hooking technique for callbacks, but the latest versions can perform redirects via local proxy or local DNS poisoning to fake websites, controlled by the attacker.
- Vawtrak: Vawtrak is a well-crafted piece of malware supporting the VNC and SOCKS proxies, screenshot and video capturing, and extensibility with regular updates from C&C servers. Vawtrak samples contain code for downloading and validating SSL certificates and are capable of initiating an HTTPS connection. The malware contains a list of HTTPS-secured hosts that contain updated lists of live C&C servers.
- Gootkit: Gootkit is a stealth banking trojan with backdoor and spyware capabilities that uses fileless infection and communications over SSL. Gootkit intercepts user data via web injections into HTTPS traffic.
A common function of adware is to inject unwanted advertisements into web traffic. These advertisements can also lead to malicious infections, as exploit authors frequently take advantage of less-scrupulous advertising networks to distribute exploit redirect scripts. Securing web traffic with SSL/HTTPS prevents this distribution in most cases. Adware installed on a client machine would not be able to perform a man-in-the-middle attack with a self-signed certificate due to the HTTPS safeguards included in modern browsers.
However, in several notable cases, major adware distributions have circumvented these safeguards to inject advertisements into HTTPS traffic. The two most high-profiles examples are the Superfish and PrivDog adware distributions, which were first abusing SSL in 2015. Both of these adware programs install a self-signed root CA certificate onto the victim’s computer, and intercept all web traffic in order to inject advertisements into web pages. PrivDog in particular was a serious concern because it did not validate SSL certificates on its end of the proxy, allowing users to inadvertently navigate to websites with invalid SSL certificates, exposing them to additional threats.
Adware variants have also started to host their files on HTTPS sites. We came across a family of adware called InstallCore, which was doing this kind of activity. InstallCore is a Potentially Unwanted Application (PUA) that installs a program to display and/or download unwanted advertisements and toolbars, and tracks a computer’s web usage to feed the victim undesired ad pop-ups; some versions can even hijack a browser’s start or search pages, redirecting the user to a different site or search engine.
InstallCore is often delivered by tricking the user into installing the Flash plugin or a Java update. In some cases, InstallCore is delivered by misdirected download buttons. These fake pop-ups of the Flash player or download buttons appear on content distribution sites, like torrent sites, or free software sites that work on HTTPS.
Figure 6. Fake Flash download pop-up
Due to the rising use of SSL encryption to hide exploit kits, malware, and other threats, it is important to have a security infrastructure that can detect and block these threats. The problem is that SSL inspection is compute-intensive, so even organizations whose security appliances support SSL inspection often disable this feature, as its use would slow traffic throughput to unacceptable levels. Dedicated appliances for SSL inspection are available, but their price puts them out of reach for many organizations. SSL inspection is built into the Zscaler security platform, which, due to its scale, can inspect all SSL traffic without latency.
Research by: Derek Gooley, Jithin Nair, Manohar Ghule
February 22, 2017 | Leave a Comment
By Jeremy Zoss, Managing Editor, Code42
The PC has long been the default choice for business computers, but perhaps not for much longer. The growth of Macs in the enterprise has been exponential in recent years, as illustrated by the infographic below.
For context on why Macs are growing in popularity in the workplace, look at some of the big-name companies embracing the platform. Once a sworn enemy of Macintosh, IBM has become a high-profile proponent of Macs for its own workforce. Cisco allows its employees to choose between iOS and Windows devices, and now has 35,000 Macs in use. At SAP, the company believes that “offering Mac is key for any modern enterprise.”
Mac usage lowers IT costs
Simpler IT support for Macs and a high level of user self-service drive the bulk of this cost savings. IBM reports that just 3.5 percent of its Mac users currently call the help desk, compared to 25 percent of its PC users. Media company Buzzfeed maintains only a small IT staff for its thousands of employees–only 30-35 employees use Windows machines, while the rest operate on Macs.
User preference—not business value—still drives most Mac adoption
IT cost savings aren’t the only thing driving Mac adoption among big names in business tech. Security and productivity are also driving Mac adoption. Deloitte says iOS is “the most secure platform for business” and states that “Apple’s products are essential to the modern workforce.” Cisco stated it believes Apple devices accelerate productivity. Basic user satisfaction is another important factor. IBM reports a 91 percent satisfaction rate among Mac users and says its pro-Mac policies help the company attract and retain top talent.
While IBM and others put total cost of ownership, security and productivity as top reasons for Mac adoption, a survey conducted by Code42 shows user preference continues to be the main reason that enterprises are embracing Macs today.
Top reasons for Mac adoption
1. Happier end users (37%)
2. Fewer help desk tickets (14%)
3. Better OS security (12%)
Top IT challenges are Macs’ top strengths
Macs also offer advantages in areas that are typically sources of major challenges for IT. According to our survey, the most time-consuming tasks for IT are tech refresh and help desk tickets, followed by malware and ransomware. These are actually areas where Macs excel. Macs traditionally enable a much higher level of self-service, and Code42 enables user-driven tech refresh for Mac users (and PC users, too). This level of self-service produces the kind of IT cost savings IBM has seen with its dramatically reduced help desk tickets.
February 14, 2017 | Leave a Comment
By Ashley Jarosch, Manager/Marketing Programs, Code42
While everyone else is celebrating love and romance this Valentine’s Day, here at Code42 we’re reflecting on heartbreak—specifically, the heartbreak of insider threat.
The Heartbreak and Betrayal of Insider Threat
It’s a feeling anyone in the enterprise world is familiar with. Someone you trust—someone you hired, work with, maybe even talk to daily—betrays that trust and steals data, deletes data or gives away access credentials. In fact, you’ve probably had it happen recently. Nine in 10 organizations experience at least one insider threat each month—and according to the Ponemon Institute, one in three of those incidents are the result of intentional or malicious insider activities.
You Don’t Have to Be a Cynic—Just Know the Warning Signs
What’s truly heartbreaking is that most organizations don’t see these insider threats coming. They miss the signs of disgruntled employees and suspicious or risky behavior. They’re shocked by insider threat and they end up bitter and cynical—feeling like they can’t trust their own employees.
But you don’t have to be a cynic. By knowing the warning signs, you can spot the employees most likely to steal or destroy sensitive data—and get back to the trusting relationship that empowers the rest of your staff to do good, honest work.
Have a heartbreaking story of insider threat? Sign up for our Data Privacy Month emails for a chance to win one of five Canary All-in-one Security Camera Systems!
February 13, 2017 | Leave a Comment
By Daniele Catteddu, Chief Technology Officer, CSA
As increasing numbers of enterprises begin the move to the cloud in earnest, there has simultaneously developed a host of third-party consultancy firms, offering guidance on cloud technology best practices and implementation. Recognizing that there is a genuine need for a trusted network, where organizations and professionals can be relied on to provide high-quality cloud security consultancy services based on CSA best practices, we are launching a new initiative–the CSA Consultancy Program (CSA-CP) that will go live in mid-2017 with Optiv as the first certified provider.
The overreaching goal of the CSA-CP is to support organizations looking to improve their cloud security posture and implement high standards of compliance and assurance. This new program will provide a registry–the CSA Consultancy Services Registry (CSA-CSR)–a web repository similar to the CSA STAR Registry and in doing so will simplify the research for trusted consultancy services and speed the adoption of effective, secure cloud implementations.
Grounded with CSA’s best practices, the program will be offered from a highly-vetted, trusted network of organizations and professionals, and we couldn’t be more pleased to count Optiv as our first provider.
“As a long-time supporter of CSA’s best practices, certifications and guidance, we look forward to helping organizations better understand how to implement an effective cloud security posture and ensure compliance and assurance standards are met,” said JD Sherry, Vice President, GM, Cloud Security & Strategy, Optiv, Inc. “The consultancy program will serve an excellent purpose in this regard and we are proud that Optiv is part of what we expect to be a valuable program in the future.”
The qualifications that must be met are rigorous. In order to be listed as a CSA Qualified Consultancy Service Provider, organizations must demonstrate they have completed and passed the:
- Certificate of Cloud Security Knowledge (CCSK) examination,
- CSA CCM training course,
- CSA STAR Certification Qualified Auditor designation and/or Consultant designation, and
- Certified Cloud Security Professional (CCSP) current year exam completion.
With the widespread adoption of CSA best practices, we see an opportunity and need for a repository of qualified and trusted cloud security experts. Securing the cloud continues to be our top priority, and the CSA-CP will help achieve this.
February 13, 2017 | Leave a Comment
By Jason Garbis, Vice President of Products, Cryptzone
On behalf of the Cloud Security Alliance, I’m pleased to announce the publication of our newest security research from the Software Defined Perimeter (SDP) Working Group, exploring how the SDP can be applied to Infrastructure-as-a-Service environments. Thanks to all the people who commented and contributed to this research over the past 10 months, especially Puneet Thapliyal from Trusted Passage.
Cloud adoption has soared over the past few years, and yet recent surveys indicate that security is still a concern. In one Cloud Security Alliance survey, over 67% of respondents indicated that an inability to enforce corporate security standards represents a barrier to cloud adoption, while 61% noted that compliance concerns pose a barrier.
It’s quickly becoming widely understood that SDP is the preferred new way to securely deploy services. Leading analyst firms are recommending that public-facing services be protected with a new security approach, and are talking about SDP as a strong alternative to traditional network security solutions.
Enterprises have recognized that SDP can address their concerns about adopting cloud, but the Software-Defined Perimeter approach is still relatively unknown to many (here is a quick primer on SDP if you need a refresh). Security architects and IT leaders are eager to learn more about how to best design and deploy SDP-based systems.
As a vendor that offers an SDP solution, and as a leader of the SDP Working Group, we’re happy to share our knowledge and experience. This is why we’ve spent the time and effort, in partnership with other SDP practitioners, to create this new security research outlining how Software-Defined Perimeter applies to IaaS environments.
Security for IaaS is particularly interesting, because it’s a responsibility that’s shared between enterprises and cloud providers, and because IaaS has different (and in some ways more challenging) user access and security requirements than traditional on-premises systems. Our new research focuses on how SDP can be applied to Infrastructure-as-a-Service environments, and explores the following use cases:
- Secure Access by Developers into IaaS Environment
- Secure Business User Access to Internal Corporate Application Services
- Secure Admin Access To Public Facing Services
- Updating User Access When New Server Instances Are Created
- Hardware Management Plane Access for Service Provider
- Controlling Access Across Multiple Enterprise Accounts
Finally, now that this research has been published, we’re just beginning work to outline more architectures and new applications of the protocol in version 2 of the SDP specification. Please join us if you’re interesting in contributing or learning more about that project as well.
February 13, 2017 | Leave a Comment
By Daniele Catteddu, Chief Technology Officer, Cloud Security Alliance
Compliance, assurance and vendor management are becoming more and more complex and resource-intensive issues, so we created STARWatch, a Software as a Service (SaaS) application designed to provide organizations a centralized way to manage and maintain the integrity of the vendor review and assessment process. Today, we’re excited to announce its official launch. Even more exciting is that we are emerging from Beta with more than 250 active licenses activated.
STARWatch delivers the content of the CSA’s de facto standards Cloud Control Matrix (CCM) and CSA’s Consensus Assessments Initiative Questionnaire v3.0.1 (CAIQ) in a database format, enabling users to manage compliance of cloud services with CSA best practices. It was designed to provide cloud users, providers, auditors and security providers with assurance and compliance on-demand. Additionally, it provides users the ability to:
- manage all cloud service providers and their own private clouds to assure a consistent security baseline is maintained;
- build and maintain a CSA Security Trust and Assurance Registry (STAR) entry and provide customers with rapid responses to their compliance questions;
- perform audits and assessments of cloud services/provider security;
- have a clear reference between CCM controls and the corresponding controls in other industry standards;
- leverage the STARWatch solution database format and technical specifications for integration within an organization’s cloud environment; and
- enabling sharing and peer reviewing of cloud services security assessments.
CSA STARWatch is free to CSA corporate members. Non-members may purchase licenses starting at $3,000 annually for an Expert license and $5,000 annually for Enterprise licenses. Learn more about CSA STARWatch.
STARWatch is part of the larger CSA STAR program, the industry’s most powerful program for security assurance in the cloud, which encompasses the key principles of transparency, rigorous auditing and harmonization of standards, with continuous monitoring. Currently there are 230 Cloud Service Providers in the STAR program, which includes STAR Self-Assessment, STAR Certification, STAR Attestation and C-STAR Assessment.
January 30, 2017 | Leave a Comment
By Rick Orloff, Chief Security Officer, Code42
Saturday, January 28th was Data Privacy Day. We’re proud champions of the National Cyber Security Alliance’s focused effort on protecting privacy and safeguarding data. But at Code42, we know that one day isn’t enough. We dedicate an entire month each year to reaffirm our critical role in keeping our customers’ data safe.
This year, we initiated an annual Certified Information Systems Security Professional (CISSP) training program at Code42 and trained staff on the eight common bodies of knowledge defined by (ICS)2 to earn the coveted credential. We embedded a new tool in our email system for Code42 employees to report phishing attempts. And, we hosted a panel discussion with representatives from the FBI and Secret Service to learn more about how they combat cybercrime.
But we’re not here to talk about what we did to keep our data safe. We’re here to talk about what you can do to protect yours. The first step in any cybersecurity strategy: situational awareness.
Your Employees Are Being Targeted: Part One
Your end users, and their devices, represent a very large mobile attack surface. IT and InfoSec professionals spend far too much time cleaning up issues caused by employees who fall for phishing emails, click corrupt links, or engage in careless online behavior. These unintentional “user mistakes” are one of the biggest threats today, causing around 25 percent of data exfiltration events.
Why do users make so many mistakes? To put it simply, most don’t care. They believe that if IT is doing its job, no threats will reach them and they have nothing to worry about. They believe that if they have an error in judgment, or do something foolish, IT will always come to the rescue. They actively ignore security policies and find creative workarounds for security measures they view as an inconvenience.
Your Employees Are Being Targeted: Part Two
It’s one thing for your employees to make mistakes. It’s another for them to deliberately remove data from your organization. Unfortunately, that’s exactly what happens quite often, and it’s part of the reason why 78% of security professionals say insiders are the biggest contributors to data misappropriation.
With your company’s IP making up 80% of its value, the potential damage from malicious insider threat is enormous. To help spot vulnerabilities, look for “Shadow IT,” the tools and solutions your employees use without explicit organizational approval that often pose measurable risks. Many tools that are unapproved by your IT department also place the data they’re accessing at risk and often there’s no overall management of these tools.
The Solution: Backup and Real-time Recovery
I have often said that there are only two types of networks in this world, those that have been breached and those that are being attacked. The fact is, security breaches occur to varying degrees of severity at all Fortune 500 companies. If a breach results in being denied access to your data, the C-Suite expects IT to get them back up and running. What they are just now learning is that this can be accomplished in mere minutes, or hours without overwhelming support staff! The solution to protecting your company from inside threats, ransomware, or any other cybersecurity issue is real-time recovery on the endpoints.
This is what the FBI has been urging businesses to do for years: regularly back up data and verify the integrity of those backups. It’s equally important to ensure that backed-up files aren’t susceptible to ransomware’s ability to infect multiple sources and backups. Consider these key points:
- When endpoints are infected by ransomware, real-time recovery can roll back clean versions of every file, including system files.
- While other solutions such as File Sync and Share (FSS) programs can import ransomware to its mirror mate (as they are designed to do), enterprise endpoint recovery solutions can roll back all files to earlier dates (versions) and restore them.
- When a device gets stolen or damaged for whatever reason, or when an employee leaves with valuable company data, real-time recovery can roll back each and every file on the device. This keeps the business operational and provides options relative to how they want to deal with the departed employee.
There are many tools on the market that claim to protect your data, and many indeed do a good job. But a sound cybersecurity policy begins within. You can’t protect your data if you don’t understand where it is and the threats you’re up against.