In our previous blog, Data in use and why you need to keep an eye on file activities, we discussed why you should monitor how your data is being used, threats to data in use, and how you can protect it. But, when your data is on the move, you need other security capabilities to secure it. In this blog, we’ll explore data in motion.
Gone are the days when you’d simply store your data in your local database and share it with peers when required. Today, akin to a serial traveler, your data is always on the move, waking up in USB city en route to cloud nation via endpoint town, with a pit-stop at server tavern.
This means your data is now more exposed than ever. While exposure to new destinations is always beneficial, some (digital) places might not be as safe as others, with a few being notorious for rampant crime. It’s on you to be vigilant and safeguard yourself from ending up as a victim on the daily. So, for a pleasant experience, it’s imperative to monitor and control data flow. Before that, let’s see what constitutes data in motion.
What is data in motion?
Data in motion, also referred to as data in transit, is data that is being moved from one place to another. Your data could be moved from a file server to the cloud, from the cloud to a USB, or any other number of ways. As it moves from a secured location to another location you might not have control over, it becomes vulnerable to cyberattacks.
Data in transit examples
Examples of data in motion include:
-
An email sent to your colleague notifying them about an upcoming meeting
-
The upload or download of files from cloud storage services such as Dropbox, Zoho WorkDrive, or Google Drive
-
The transfer of files from your computer to a USB device
While data moves from a secured environment to a foreign land, it faces various threats, such as manipulator-in-the-middle attacks, eavesdropping, or insider threats. In the next section, we’ll explore how these threats can unfold using a case study involving Samsung.
Samsung’s breach: Evolving threats to data in transit
Technological advancements can be a double-edged sword based on how you adopt them; while they make our daily lives easier when used cautiously, they might come at the cost of your privacy. One such emerging technology is artificial intelligence (AI). The concept of AI has been around for a while, but with the launch of generative AI applications such as ChatGPT and Gemini, it has now come to prominence. These applications sure do help with improving your productivity, but users must be extremely mindful while using them as they could pose a threat to your privacy. The Samsung data leak serves as a prime example of how generative AI could be an avenue for data leaks.
In 2023, tech giant Samsung bore the brunt of generative AI in a series of events. One incident took place when an employee working in its semiconductor unit uploaded internal source code onto the generative AI platform ChatGPT; in another incident, the company’s meeting notes were pasted onto the platform. These prompts didn’t go down well, as OpenAI, the company behind ChatGPT, evidently has a clause that states data input into the platform will be stored in its servers. These incidents made Samsung impose a ban on the usage of generative AI.
Samsung’s ordeal is just one example amongst the 55% of generative AI inputs that comprise sensitive information. While there’s no denying that organizations leveraging emerging technology have an edge, it’s also important to secure your data.
How to protect data in motion
In data’s pursuit of travel, it inevitably stumbles into places like the Wild West that are notorious for anarchy and being lawless. Passing through such locations unscathed takes a seasoned traveler and the right equipment. Here are a couple of solutions you could equip to protect your data:
-
Data leak prevention (DLP): Your efforts to prevent data leaks begin with identifying data and classifying it. Having a thorough understanding of this can help in implementing policies. DLP policies must take into consideration and focus on protecting data across all the avenues it travels. A few common DLP policies include:
-
-
Copy protection: A file could be copied from a secure location and pasted into unsafe locations, such as a USB or a publicly accessible folder within your file server; this exposes sensitive data, with the potential for it to end up in the wrong hands. Having a copy protection policy can help you protect files from being copied to unsafe locations.
-
-
-
Email DLP: While email enables seamless collaboration across various departments within your organization, it’s not the safest means to transfer data, as it could be easily intercepted by an attacker. An email DLP policy regulates the emails sent by your employees and prevents the transfer of sensitive data through emails.
-
-
-
Removable device policy: Removable storage devices such as USBs can be hotspots for cyberattacks. Recently, the FBI had to warn against the usage of USB devices due to security concerns. Moreover, it’s equally important to ensure that sensitive data isn’t moved to unsafe devices, and stringent DLP policies for external devices will improve your security posture.
-
-
Cloud security: A cloud security solution can help in identifying the cloud applications used by your employees, preventing shadow IT, and regulating the transfer of data from and into cloud services. It can prevent data leaks by disallowing users from uploading sensitive files onto unsafe applications and downloading files from malicious sites. These solutions can protect your data from being exposed and help prevent against unforeseen incidents such as the Samsung data leak.
How can a unified data security solution help you?
A unified solution for data security can provide comprehensive visibility into the data you store, including its sensitivity, its business relevance, users with access to it, its usage patterns, and any data transfers. This information can be utilized to secure data in various states, all through a single platform. Here’s how our unified solution, DataSecurity Plus, can safeguard your data:
Data at rest: The data risk assessment and file analysis capabilities complement each other to discover and classify sensitive data, identify users with access to it, and help you determine its relevance to your business.This ensures you are always informed about the data you store and its value, and helps prevent unauthorized access.
Data in use: DataSecurity Plus’ file audit capabilities enable comprehensive monitoring of data usage across file servers, clusters, workgroups, and NetApp servers. This helps in detecting anomalies in user behavior, such as spikes in permission changes, file renaming, and movement activities, which could indicate a potential insider threat or ransomware attack.
Data in transit: The DLP and cloud security capabilities together help track and manage data flow across endpoints, servers, removable storage devices, and the cloud.
These capabilities of DataSecurity Plus seamlessly work in tandem to make your job less daunting and your data more secure. Experience it for yourself with a free, 30-day trial.
