Peter Cochrane: The coming epidemic of data exfiltration
As people move jobs, they not only take their sought-after skills and abilities, they also take all their documents, data and stored knowledge with them
It all began with mobile working and legions of road warriors, and was then amplified by ever more home working.
Data and information stores of individuals and companies migrated from centralised and well-protected vaults at the core of networks to dispersed caches spread across vast numbers of machines and ethereal clouds.
The big question is: can all this be effectively controlled and protected? In theory, yes, in reality, not a chance!
The vastly expanded attack surface and lax behaviours of employees has already been a gift to the ‘dark side' and opportunistic thieves alike. Data, device and machine theft is at an all-time high, aided and abetted by poor security measures starting with easily crackable passwords. It is as if some corporate and individual blindness cloaks the newly created cyber and personal risks.
The advantages of mobile and home working are significant for sure, but this new mode and is very different and people need educating, including managers, and it seems, IT departments! Casting people adrift to work at home, a remote office, or coffee shop, using their own IT equipment or corporate laptops is fraught with risk. Burglaries at relatively insecure homes, laptop theft in coffee shops, plus mobile phone and computer bag snatches in the street are all on the rise, and there is much more to come!
Throughout the West there is a growing shortage of skilled workers, and the talented are getting fractious. Their dwell time in any one job is going to get ever shorter as salaries, projects, working conditions and opportunities elsewhere beckon. We might therefore expect bidding wars for these hard-to-find individuals.
As people move jobs, they not only take their sought-after skills and abilities, they also take all their documents, data and stored knowledge with them.
Of course, this is where contracts and the legal system steps in to provide protection. The snag is, these measures are virtually impossible to police and in reality they do not work as breaches are so easy to conceal!
There is however a big upside for industry and countries. The new dynamism will see more people get ‘educated and skilled' faster; memes will be created and propagated more widely, and speedier innovation will be fostered. Such a creative and networked working environment is exactly what progressive and dynamic economies require, and overall, society will benefit greatly.
The biggest downside to all this will see already vitrified management brains trying to hold on to the old models based on command, control, dictatorship and threat. Just as the micro-managers have been disenfranchised and/or wiped out by mobile and home working, so will these people if they do not lead the charge and become a part of this new and potent mode.
This coming change will make the current digitalisation of business look like a teddy bears' picnic
If governments and organisations are to maintain some semblance of security (in the widest possible sense) they will have to embrace comprehensive programmes of behavioural monitoring.
People, devices, machines and networks are habitual to a high degree, and exceptions to the norm are flags of unusual behaviours and potentially dangerous actions. The amount, duration, and timing of messages and mails are a good starting point, followed by the use of applications, web searches, server connections, and of course, data upload and download size and timing. Peripheral adapters, appliances, back-up drives, memory sticks and other plug-ups all present potential red flag activities too.
If governments, societies, organisations and peoples cannot live with such an intrusion, the only other option is to accept a large portion of this new mode, embrace the freedoms it affords, and change working and management practices accordingly.
Peter Cochrane OBE is Professor of Sentient Systems at the University of Suffolk