Best practices in prevention and cure, with Theta Lake
High-profile accidental breaches of large datasets have continued to make headlines in recent years, despite new legislation and higher fines in Europe and elsewhere, combined with growing public awareness of privacy and personal data issues. In fact, recent surveys show that the number 1 concern for compliance supervision of communications is data-loss.
And in our distributed online world, every business is a data business: sharing and distributing information of all kinds via increasing numbers of channels, with anyone in the world at any time. Indeed, the explosion of unified communications tools and platforms such as video calling and collaboration chat (where documents, files, and multimedia content are also easily shared) have given us richer and more effective ways to collaborate with colleagues and customers than ever before — but it has also exposed businesses to greatly increased risks of inappropriate data disclosure, from personally-identifying information to intellectual property. Importantly, market analysis shows that unlike legacy communications over email, collaboration platforms are higher risk channels for data exposure, and, at the same time, they have much less supervision and compliance coverage.
It’s the multi-sensory appeal of adding video calling as part of true unified collaboration itself which creates multiple ways that data can be misused, from the sharing of confidential information via screen sharing, file-sharing through chat, or virtual white-boarding, to the conversation itself — even having documents or information displayed on a whiteboard in the background visible via the webcam. Whether accidental or intentional, the sheer volume and diversity of data being shared make leaks more likely to happen.
It is essential therefore for all enterprises to properly assess and mitigate these risks by looking at the full scope collaboration platforms across chat, voice, video, document sharing, and more. The experts at Theta Lake have recently published a white paper with specific guidance on this emergent issue, to help organisations make use of the latest communications tools, while simultaneously mitigating the dangers of data loss.
Best practices for risk reduction
A plan for data loss prevention should focus on the highest-risk interactions present in your organisation, starting with a detailed risk assessment, which rigorously assesses the potential for accidental or malicious disclosures. An appropriate response based on this assessment may include auditing sample recordings to categorise interactions by degree of likely risk, and adopting appropriate practices to actively record and review potentially high-risk interactions going forward.
For heavily compliance-driven industries or those where every interaction is high-risk, tools like Theta Lake can be integrated directly into Webex, RingCentral, Zoom, GoToMeeting, and similar platforms to review 100% of communications. By integrating AI technologies including natural language processing (NLP), machine learning, optical character recognition (OCR), and image analysis the tool can automate the detection of data leakage and compliance risks. Combinations of pre-built and custom detection policies ensure that the most unsafe interactions are hastily flagged to human supervisors for manual review, while ensuring the secure, long-term retention of recordings to enable rich e-discovery, protecting the business from reliance on incomplete sampling and screening. This is increasingly important as 69% of FinServ compliance professionals surveyed by Theta Lake said they were only ‘somewhat’ or ‘not’ prepared for the increase in information sharing over video communications using their existing compliance controls.
Where the data loss buck stops
Because ultimately the responsibility for any data loss rests with the organisation, and having the right policy in place is only the first step.
Policies must be backed up with consistent and effective workflows, solid integration into the tools in use, persistent archiving and accessibility, and a fully resourced plan for user retraining and behaviour modification where necessary.
As enterprises in all industries crave the richly engaging communications that video and chat collaboration tools offer, ensuring their deployment does not create additional risks will be a central focus of all enterprises as we enter the 2020s. The combination of fast and uniform auditing by bespoke AI solutions like Theta Lake, with the discretion and personalisation of human insight at the appropriate juncture, is a pragmatic answer to the challenges of data loss prevention in our omni-channel digital world.