Data dissemination and file sharing between agencies and law enforcement authorities is a natural part of government business. But what happens when those files leave the security of domain-controlled network drives and content management systems? Unfortunately, the secure access and use of sensitive, even regulated data, within files that are shared internally and externally poses a potential exposure risk for government agencies already slammed with cybersecurity concerns, writes DLT partner, FinalCode.

According to a report by Enterprise Management Associates, 80% of mid-tier and large enterprise survey participants were aware of file data leakage incidents and only a meager 16% felt confident in their file security investments.

Whether you’re seeking to protect bids, projects, large computer-aided design (CAD) files, and other sensitive information that your agency collaborates on, it’s critical that these files are shared securely with suppliers and subcontractors – even after they’ve reached their destination.

To help agencies reduce intellectual property loss, compliance liability, and exposure, FinalCode suggests that government organizations put the following five steps in place:

1. Establish a process to map different file classes/types. Based on information type and compliance obligations to protect the file, identify sources and categorize activities where files requiring protection exist.

2. Assess how sensitive files are secured and shared. Review how files in each data classification are currently secured and shared to examine the potential for exposure and the associated outcomes. This risk assessment should reveal data protection priorities and gaps.

3. Examine current data protection policies. Which policies need to be improved to better manage risk? Vet, agree upon, and communicate these policies to data owners and data managers.

4. Identify where technical controls should be applied. Assess each control’s functional scope and consider management, implementation, and cost factors. A file-based digital rights management platform can reduce file leakage risks through encryption, access, and usage control.

5. File security management tracking. With controls identified, you’ll need a method of tracking and reporting adherence to policy, control implementation, exceptions and additions, and control usage – this ensures a vantage point for file data leakage risk reduction and a baseline for continuous improvement.

Read more about the ins and outs of implementing such an approach in Top 5 Steps to Reduce File Data Leakage Risks.