Endpoint Data Control Needs Attention Thanks to Data Sprawl

Endpoint Data Control Needs Attention Thanks to Data Sprawl

Risk Insurance cites a recent survey that concludes that the accumulation and storage of enormous amounts of data, or Data Sprawl, is making it hard for organizations to implement endpoint data control and other data governance practices.

Endpoints are defined as any device by which a user accesses an organization’s networks, applications, or data. They may be owned by the company, but often belong to an employee, in which case they are harder to manage.

Endpoint data control is an urgent concern because sophisticated cyberattacks pose risks that conventional security measures often fail to mitigate. The shift to remote and hybrid work models has complicated the issue. Companies are confronting visibility gaps with respect to monitoring devices off-network.

Most organizations recognize the risks, and 62 percent prohibit storing personally identifiable information (PII) on endpoints. More than half have deployed technical controls to enforce that policy. Nevertheless, 55% report having some PII data stored in files on endpoints.

The conclusion? Policies and technical controls in place are not enough. The reality on the ground has to match policies, which may require some changes.