A common trope in television and movie crime dramas is an armored car heist. This has narrative appeal for several reasons. One, while the money is in transit you can have lots of cool car chase scenes. Two, it’s easier to break into an armored car than break into the vault at the bank, where security is stronger, there are more guards, and the police are a panic button away. Three, if you can’t break into the armored car right away, you can steal it and take it to a secure location and break into it later when there is less time pressure and risk. Four, most bank heist tropes are combined with the inside-man trope and it’s easier to write the inside-man as a replaced armored car driver or a bribed employee at the armored car service who leaks the transit route details or provides GPS tracking for the armored car.
In data security, too often the focus is on where data is primarily stored. This is usually an on-premises data storage facility at corporate headquarters, which is more secure than satellite offices and employee home offices, and is the data equivalent of a central bank vault, which is more secure than branch offices and ATMs. Data security often focuses more on securing the physical assets used to store the enterprise’s digital assets, and less on the transit routes of data. But nowadays, most of the organization’s data is constantly on the move as the cloud and mobile devices enable business to be conducted anywhere at anytime.
“With the proliferation of cloud computing and mobile tech,” Shelly Kramer blogged, “more and more businesses are moving to a service model for everything they do.” Not only are organizations turning to cloud service providers (CSPs) and managed service providers (MSPs) for business-enabling services such as infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS), Kramer sees all of this quickly giving way to what is being termed everything as a service (EaaS). “The emergence of EaaS,” Kramer explained, “as the next-gen model for cloud users is becoming increasingly significant due to the growing enterprise use of technology that’s no longer confined within the closed chambers of the IT department.”
“Cloud-based file sharing,” Michael Brown blogged, “brings up questions about employees using personal devices for work-related tasks and communication. Gartner predicts that by 2017 more than half of employers will ask or require employees to supply their own devices for work. Rather than regulate and inhibit employees, businesses are learning to adopt the bring your own device (BYOD) revolution and reap the benefits that go with it, but this means a proper BYOD protocol needs a place within the sensitive data management strategy.”
Contrary to the old adage, it is sometimes easier to hit a moving target, especially in today’s mobile business world. Instead of focusing on where data is at any point in time, focus on how data gets from point A to point Z, and all the points in between, and how secure data is while in transit. With organizations of all sizes and in all industries entrusting their business to cloud-based and mobile-accessed services, the cloud needs an armored car service for data.