When managing red and green data, a hybrid cloud  which balances convenience and security may be the right choice for your enterprise as it provides on-premises protection for particularly sensitive data. CIOs must make sure that whichever cloud deployment they choose is adopted in compliance with the enterprise’s needs and policies.

2. Encrypt File Systems

Given that theft of login credentials is the most common avenue attackers have into corporate systems, encrypting end­point device file systems is where security should start. More than three in five data breach vic­tims pinpoint credential theft as the cause of breaches, with the most recent and notable victim being Anthem. Furthermore, con­sider requiring the use of encrypted USB keys as part of your sanctioned media storage policy. Finally, make sure your backup systems support suitable encryp­tion models for your organization.

3. Gain Visibility into the Data that Resides on Endpoints

When an employee loses a device or leaves the company, the IT team needs to know what data was on the device. However, few CIOs and CISOs have this visibility: only 19 percent of IT pros know how much regulated data is on endpoint devices. This is particularly important as more and more employees connect their work accounts to personal cloud accounts, such as Google Drive and Dropbox, which increases the risk of data leakage both intentional and accidental. Continuous endpoint backup not only protects you from data loss but also helps in determining the source of the data leak or breach.

4. Empower Employees to Follow Acceptable use Policy

It’s the CIO’s job to make sure the enterprise is set up for success and that includes setting policies that don’t deny employees to use tools that they want to use, but enable them to do so while preserving data security and privacy. Too often employees use their own version of an app, or their personal accounts, which open up the corporate network to malware and attacks if the personal account or device is compromised. The reality is 90 percent of American employees use their smart phones for work, with or without the company’s permission. If employees reject the tools introduced by their IT team, the enterprise has not only wasted money, but may have also a false belief that data is secure. CIOs can get employee buy-in for policies by choosing elegant, user-friendly technology and making the policy as restriction-free as possible while maintaining security visibility.

As technology and workplace habits evolve, enterprises need to adapt to the notion that corporate data security is a moving target. When CIOs and CISOs were asked a decade ago how they addressed the intersection of security, cloud and mobility, they said, “We’re not going to allow cloud services or BYOD.” Today that just isn’t feasible, or smart. Forward-thinking executives realize that for security to work you have to follow the data. Today, the data is in the cloud and the endpoint, not just the data center.