Endpoint Data Control Needs Attention Thanks to Data Sprawl
June 26, 2024
Risk Insurance cites a recent survey that concludes that the accumulation and storage of enormous amounts of data, or Data Sprawl, is making it hard for organizations to implement endpoint data control and other data governance practices.
Endpoints are defined as any device by which a user accesses an organization’s networks, applications, or data. They may be owned by the company, but often belong to an employee, in which case they are harder to manage.
Endpoint data control is an urgent concern because sophisticated cyberattacks pose risks that conventional security measures often fail to mitigate. The shift to remote and hybrid work models has complicated the issue. Companies are confronting visibility gaps with respect to monitoring devices off-network.
Most organizations recognize the risks, and 62 percent prohibit storing personally identifiable information (PII) on endpoints. More than half have deployed technical controls to enforce that policy. Nevertheless, 55% report having some PII data stored in files on endpoints.
The conclusion? Policies and technical controls in place are not enough. The reality on the ground has to match policies, which may require some changes.
Critical intelligence for general counsel
Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.
Daily Updates
Sign up for our free daily newsletter for the latest news and business legal developments.