Keep Malicious Actors Out of Your Private Business Workflows

Share this post

External file threats introduce a malicious file into the organization under the guise of an everyday workflow, generally with the help of an end user. A phishing email with a malicious attachment presents a classic example, but it is far from being the only available attack vector. Every potential entrance for an external file offers an attacker a foothold onto the threat surface, including email, web, chat, FTP, P2P, and even flash drives.

The modern enterprise spends millions of dollars on cyber security, yet the modern CISO can’t say in any specific detail what information is entering and leaving the firm. If you can’t see it, you can’t defend it. Everyday workflows where employees exchange sensitive information with external parties expose the firm to constant threats, including leaks, phishing, malicious files, and compliance violations. These external workflow threats have a common theme: a user is the actor, and a file is the agent. Complete protection requires a defense that spans the full breadth of the associated threat surface: the collective paths of all files entering and leaving your organization.

In my last blog post, I discussed defending the threat surface against internal threats like data breaches by employing tight governance over all file transfers. Today, I’ll discuss defending the threat surface against external threats by inspecting every file to block malicious attacks.

Deny Attackers From Gaining a Foothold Onto the Threat Surface

Inspect Every Incoming File to Neutralize Threats

Having shrunk the threat surface by limiting the entrances—the user apps where files can enter—we can now efficiently monitor and inspect every incoming file to detect, isolate and neutralize all incoming threats. At a minimum, security integration options ensure every file is cleared by anti-virus software prior to storage in an enterprise repository. More suspicious files may require advanced threat protection (ATP) to isolate and execute them in a secure environment. High inbound file traffic should undergo stratified inspection to avoid reducing user productivity. Suspicious files can be marked for detailed inspection and queued based on workflow metadata, so that higher priority workflows receive higher priority processing.

Block Malicious Threats

Defend the threat surface against external threats by inspecting and monitoring every file to block malicious attacks. [source: Accellion secure file sharing and governance platform]

Monitor the Entire File Transfer Path

A CISO Dashboard lets you monitor the entire file transfer path and allows you to go beyond simple file inspection. Security rules based on file transfer metadata can also be applied to strengthen your defense. Who is sending the file? Who is receiving it? Where is it coming from? Not just an IP address, but who and where. This information is only available at the user-application-file level, so this defensive strategy is only possible on the external workflow threat surface.

In the next post, I’ll discuss building a holistic, proactive defense that spans the entire threat surface. Once CISOs can send every external file transfer through a gauntlet of best-in-class security solutions, data protection becomes a proactive effort, rather than defensive one.

Don’t want to wait? Download the eBook now!
Protecting Sensitive Content in a Dangerously Connected World

Protecting Sensitive Content in a Dangerously Connected World

Discover the 5 strategies for protecting sensitive content against external workflow threats with this informative eBook.

Share this post

Keep Reading about Cyber Security

Philadelphia cybersecurity leaders

CISO Perspectives: Say “Yes” to Help the Business Grow

by Joel York
Share this postIf your job is to protect your organization’s reputation, you’re probably pretty risk-averse. But saying “no” to every department’s technology request will get you branded as a barrier to business growth. Eventually, department...
CISO Perspectives With Laura Whitt-Winyard

CISO Perspectives: Closing the Skills Gap

by Joel York
Share this postBusinesses in every industry are adopting technologies at a breathtaking rate. While this makes people and processes more efficient, security teams struggle to keep pace. If CISOs can’t secure the systems that process,...
Dallas cybersecurity leaders

CISO Perspectives: Who’s your Boss?

by Joel York
Share this postIf you ask a CISO this question, you’re likely to get a consistent answer – probably the CEO, COO, or Board of Directors. The reality, however, is quite different. In fact, a CISO’s...