May 28, 2020

Remote work could be putting sensitive corporate data at risk

By Tech Online Things

New research from Digital Guardian has revealed that hundreds of terabytes of potentially sensitive corporate data could be at risk from employees who stored data on USB drives while working remotely during the pandemic.

The firm’s new DG Data Trends Report assessed the risk of sensitive data loss during the Covid-19 crisis. To compile its report, Digital Guardian aggregated and anonymized data from nearly 200 customers of its Managed Security program around the globe.

In order to better understand how employees stored sensitive corporate data before and during the pandemic, the company analyzed a data set from January until April of this year. This enabled Digital Guardian to compare data egress patterns before and after employees began working from home.

Data egress

According to Digital Guardian’s report, there was a 123 percent increase in the volume of data downloaded to USB devices by employees after they began working remotely and 74 percent of that data had been classified by organization’s data governance policies.

Cloud storage and USB devices became employees most preferred egress paths during the pandemic and accounted for 89 percent of all data egressed. The report also found that data egress was 80 percent higher in the first month following the WHO’s pandemic declaration. To make matters worse, over 50 percent of the data egressed was classified.

From March 11 to April 15, employees uploaded a total of 336 TB of data to the cloud representing a 72 percent increase from January and February combined.

In a press release, vice president of cybersecurity at Digital Guardian, Tim Bandos warned that IT and security professionals should pay particular attention to the significant uptick in USB device usage for storing data, saying:

“Organizations have accepted that the economic and health effects of COVID-19 will be with them for the foreseeable future and working from home will remain a requirement for many of their employees. Our research indicates remote employees are egressing classified data at unprecedented rates across all egress paths. Executives and security teams would be wise to consider implementing solutions that provide visibility into this behavior, and a means to control it, in order to avoid a potential data breach.”