Insider Threat Prevention Using a File Server in an SMB (Small & Medium Business)
written by Simon
One possible alternative for resolving data security and management issues in a distributed data environment is Virtual Desktop Infrastructure (VDI). In a VDI environment, each insider's PC functions as a terminal for working with data stored on servers. Insiders' PCs don't have any data stored on them, which gives enterprises a significantly enhanced level of information security. System administrators can focus on server management, while insiders are responsible for managing what happens on their own PCs.
However, a VDI environment is quite unlike the typical PC environment. Because it is so unfamiliar to most of us, we would likely need the help of VDI specialists to introduce and manage it. Furthermore, a VDI environment costs about twice as much as a standard PC environment, because the server software licenses, which are not required in PC environments, can be quite pricey. Consequently, many companies, especially SMBs, are often reluctant to introduce VDI despite its obvious advantages in terms of information security and management.
A file server solution represents a reasonable alternative to VDI. In this solution, all corporate data is stored on a file server, and an administrator focuses on that server to enhance the level of security and to facilitate asset and data management. With all corporate data stored on the file server, logs of all file activity, from creation to deletion, can be gathered quickly, and individual access authority can be managed collectively. Moreover, if the file server has a backup system, data loss due to inadvertent or malicious deletion by insiders can be prevented. Ransomware attacks can also be prevented through the use of whitelisted corporate applications. Of course, the file server should also be encrypted and equipped with antivirus software to prevent attacks from outside.
All file activities should be executed on the server, and all users should be restricted from copying a file, or transferring it over the network, to a location outside the file server, thus preventing data leakage. A watermark or print prohibition feature could be useful in preventing data leaks through printing. If a file server is equipped with such DRM features, it can effectively prevent insider threats. In sum, there is a range of data and network security features available with a file server solution, thus negating the need for VDI.
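The server-side controls described in the two paragraphs above (whitelisted applications, no copying outside the file server, and a central activity log covering creation to deletion) can be sketched as a small policy check. This is an added example, not code from the original article or from any product; the share root, the application allowlist, the event schema and the sample events are all constructed assumptions.

```python
import posixpath
from dataclasses import dataclass

SERVER_ROOT = "/srv/corp"                      # assumed file server share root
ALLOWED_APPS = {"winword.exe", "excel.exe"}    # assumed corporate app allowlist
MUTATING = {"create", "write", "delete"}       # operations that change data

@dataclass(frozen=True)
class Event:                                   # hypothetical audit event schema
    user: str
    app: str
    op: str                                    # create | write | delete | copy
    path: str
    dest: str = ""                             # only used by copy

def inside_server(path):
    """True only if the path, with '..' resolved, stays under SERVER_ROOT."""
    norm = posixpath.normpath(path)
    return norm == SERVER_ROOT or norm.startswith(SERVER_ROOT + "/")

def decide(ev):
    """Return (allowed, reason) for one file operation."""
    if not inside_server(ev.path):
        return False, "source outside file server"
    if ev.op in MUTATING and ev.app.lower() not in ALLOWED_APPS:
        return False, "application not allowlisted"
    if ev.op == "copy" and not inside_server(ev.dest):
        return False, "copy destination outside file server"
    return True, "ok"

def process(events):
    """Central audit log: every request is recorded, allowed or denied."""
    return [(ev, *decide(ev)) for ev in events]

def lifecycle(audit, path):
    """All recorded activity for one file, in order, from creation to deletion."""
    return [(ev.user, ev.op, ok) for ev, ok, _ in audit if ev.path == path]

DOC = "/srv/corp/hr/plan.docx"
EVENTS = [                                     # constructed sample events
    Event("alice", "winword.exe", "create", DOC),
    Event("alice", "WINWORD.EXE", "write", DOC),
    Event("bob", "unknown.exe", "write", DOC),             # not on the allowlist
    Event("bob", "explorer.exe", "copy", DOC,
          "/srv/corp/hr/../../../media/usb/plan.docx"),    # resolves outside the root
    Event("alice", "winword.exe", "copy", DOC, "/srv/corp/archive/plan.docx"),
    Event("alice", "winword.exe", "delete", DOC),
]

if __name__ == "__main__":
    for ev, ok, reason in process(EVENTS):
        print("ALLOW" if ok else "DENY ", ev.user, ev.op, ev.app, reason)
```

Because denied requests are logged alongside allowed ones, the per-file history shows blocked write and copy attempts as well as the normal create-to-delete sequence.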
Under the file server solution, preventing data leakage requires that all work-related data be transferred to the file server and that no corporate data be stored on the PC; file centralization solutions mainly provide such features. To safeguard whatever data might still be present on a PC from leakage, data loss prevention (DLP) features such as keyword filtering, USB port control, and network transfer monitoring should be enabled.