Data exposure

Protect your gold

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Part of my series on Cybersecurity for Executives

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Do you know where the data lives in your organization? If you don’t, how do you know if it is exposed or not? If you think you know where it is, do you understand all the ways it can flow in and out of systems that might inadvertently expose it to the Internet or third parties?

In my last post in my online book, Cybersecurity for Executives, I wrote about how open network ports can expose your organization to unnecessary risk. The concept of blocking network ports to keep things inside or outside your network presumes you have control over your network perimeter and can track what goes in and out via controlling ports. Sometimes in this day and age of cloud services, this is easier said than done. This post will look at some of the changes in systems and architectures in recent years that make managing network access difficult. Some of it has to do with approved third-party access to systems that create paths for data exfiltration (a fancy way to say data extracted from your network in a subversive manner).