When people think about data integrity, they often think about making sure that their files are not modified or deleted by unauthorized people. However, there’s much more to it than that. Data integrity is also about comprehensiveness (meaning that all the data that you need to capture is, in fact, captured), consistency (data is accurate regardless of who or what is creating or updating it) and traceability (every modification is properly recorded).
Data integrity is a key part of regulatory compliance standards that range from the General Data Protection Regulation (GDPR) to financial reports, health care records, quality control and HR policies. When there’s a data integrity issue, there’s almost always a compliance issue as well.
But remote workers complicate things.
Today, many organizations are embracing remote workforces. The advantages are plentiful. However, in the traditional view of enterprise content management, maintaining data integrity and employing remote workers come into conflict. When everyone was under one roof, it was easy for IT teams to set up an on-premise enterprise content management (ECM) system and connect it with all the desktop computers in the office.
Now, workers work from anywhere and still expect that their content should be easily accessible. If it’s not, they will often find their own workarounds. For organizations, that’s a nightmare. Having confidential files scattered over personal laptops, USB drives and in email attachments almost guarantees a loss of data integrity. So, how can organizations combat this?
First, Monitor Your Data
It’s hard to protect something that you don’t know about. That’s why companies need to make sure that they have a clear picture of where their files are. The challenge isn’t finding files in your internal storage systems — it’s ensuring that’s the only place where your company’s files are stored.
Data loss prevention (DLP) software is a great way to address this issue without needing to put in an unreasonable amount of manual work. DLPs like Google Data Loss Prevention API, BetterCloud, CloudLock and others scan your organization’s files and monitor them. (Disclaimer: Google is an AODocs customer.) If a file is moved away from the business’s secure file storage system, you will be alerted. It doesn’t matter whether the person moving the file is in the office or working from home: You will receive the alert either way. With these notifications, organizations can detect when sensitive information is not properly protected and ensure that all of their data stays within their storage system.
Then, Take Control Of Your Data
After ensuring that your files are centralized, the next step is to take control. Most data integrity risks can be substantially reduced by two simple things: automated user permissions and consistent processes.
First, managing file access is critical to ensuring companies’ documents can’t be altered by unauthorized users. By implementing automated user permissions, you can ensure users are automatically assigned the correct view, edit and sharing rights. That, in turn, helps to eliminate the possibility for human error.
Permissions go hand-in-hand with processes. Organizations can only ensure data integrity if everyone follows the same processes. Allowing anyone to edit anything at any time is asking for trouble. To avoid this, you can make sure your documents follow specific processes that only allow specific users to access, edit, share, and approve each version. This is made easier with the help of automated workflows that help companies automatically share documents with the right people at the right time. Once a document moves to the next step in a workflow, a new set of users gets access while the previous users lose their ability to update the documents.
However, how can this be done with a remote workforce? That’s where content services platforms (CSP) come into the picture. While my company offers a CSP, so do others, such as Box and SharePoint Online. For those who are curious, CSPs are a more versatile, collaborative, and agile version of ECM systems. CSPs, specifically cloud-based ones, can remove the distinction of “inside the office” and “outside of the office” by managing users based on their identities instead of their devices or access to the internal network. CSPs allow organizations to take ownership of documents the minute that they are uploaded as well as set user permissions that ensure that only the right users, whether they’re at HQ or abroad, have access.
And Make Sure People Are Who They Say They Are
The final and most important aspect of data integrity is end-user security. To prove data integrity for certifications, companies need traceability. In practice, that means that they need to have a complete audit trail of every document’s history. However, if someone’s account is compromised, that traceability is destroyed. In that situation, it becomes hard to discern between the genuine actions of the real user and the actions of a third party. If end users accounts can be easily compromised, an organization’s data loss prevention software and user controls are all for naught. That’s why it’s essential to make sure that the people who are accessing your data are who they say they are.
User security is more than just strong passwords. It’s also about having the right technology and the right procedures in place. One of those technologies is a cloud identity system. This software, which is offered by most major cloud providers, allows companies to manage user security settings and monitor who is trying to access their network so they can proactively block unknown devices from connecting.
In addition to cloud identity systems, multifactor authentication and physical security keys can help further bolster security. For example, security keys like Google’s Titan Security Key, Yubico’s YubiKey, and Thetis’ Fido U2F use multifactor authentication to protect end users. Stealing a user’s password is (comparatively) easy, but stealing a physical security key is a lot harder.
With the right technologies and processes, companies don’t need to sacrifice security and data integrity to employ remote workers. With DLP software, user controls and proper end-user security, companies can bridge the gap between their regulatory obligations and their desire to take advantage of the benefits of remote workers.