We often hear about malicious data breaches in news headlines — nation-state cyber attacks and disgruntled employees stealing valuable data, to name a few examples.
But data breaches are often far more nuanced. Take the recent news of a telecom company with an inadvertent insider data breach: in September 2022, an employee obtained, without proper authorization, a file with personal information on around 63,000 coworkers. The exposed data was a cybercriminal’s dream: full names, addresses, Social Security numbers and more.
Thankfully, there’s no evidence that the data was leaked externally or misused — but this incident still constitutes a data breach at massive scale, and it highlights a major challenge in Zero Trust today: Protecting highly sensitive data that must be shared within everyday workflows, where users are just trying to get their jobs done.
While reports so far indicate that this particular incident was not malicious in nature, it highlights the ongoing need for robust controls on sensitive data access. Events like these underscore why a balanced Zero Trust approach matters now more than ever.
Zero Trust is centered on the concept that no user or system should automatically be trusted within an organization. Strict identity verification, least privilege access and data protection controls help guard against threats from a small number of sophisticated, but malicious, external actors. But, what about the data that we share every day with actors who are legitimate and trusted partners and employees?
This case shows that an employee can have every intention of doing the right thing with data, but if granular Zero Trust controls aren’t in place to (1) tag highly sensitive data and (2) determine the appropriate entitlements for identities, major breaches can occur as an unintended result.
Simply stated, companies must do a better job of embracing a balanced Zero Trust game plan, one that practices defense and offense alike.
Zero Trust defense protects the sensitive data we possess from theft by a small number of malicious actors working on behalf of nation states and criminal groups.
Zero Trust offense governs the sensitive data we distribute every day via email, file, and SaaS workflows to massive numbers of employees and business partners, who themselves can sometimes make mistakes when handling data, and sometimes become disgruntled.
Whether we like it or not, human identities frequently stumble into highly sensitive data that isn’t properly classified and protected. Simple errors can also lead to huge exposures, as this most recent case shows. Limiting data access through entitlements helps, but is often not enough alone. Tagging sensitive files with proper classifications, adding metadata policies, and wrapping them in encryption gives multiple layers of automated protection that travels with the data and supports controls like revocation and expiry – and also provides a rich audit trail.
Today, most Zero Trust investments have a heavy bias toward playing defense against the one percent of malicious identities who are intent on stealing our data. That said, companies cannot ignore risks associated with the ninety-nine percent of employee and partner identities that we share data with every second of every single day.
Balancing Zero Trust controls between defense and offense closes gaps that either approach alone would miss. Employees gain technology guardrails to help them “stay in their lane,” while companies grant access confident that mistakes won’t turn into headlines.
Of course, technology is only one piece. Culture, training, and seamless user experience matter just as much. But the tech serves as the critical safety net, quietly filling the gaps that can sink any business in today’s data-driven world. This is a perfect example of an employee making a mistake — not doing something malicious!
To prevent situations like this from happening in the future, companies need to up their Zero Trust game – not just defensively, but offensively too. When employees’ authenticated identities are tagged with the proper entitlements (need to know) – and the sensitive files in question are tagged and wrapped with granular policy controls like those supported by the Trusted Data Format (TDF) standard – you’re running an excellent offensive scheme.
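To make the "offense" side concrete, here is an added, simplified model of policy-bound data: the file carries its own required attributes, expiry and revocation flag, an identity carries entitlements, and a key is released only when the entitlements cover every attribute. This is illustrative code written for this post, not the TDF specification or any vendor's implementation; the attribute names, file name, identities and dates are all constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass
class Policy:
    """Policy that travels with the data: required attributes, expiry, revocation."""
    attributes: frozenset          # every attribute must be covered by the requester
    expires_at: datetime
    revoked: bool = False

@dataclass
class ProtectedFile:
    name: str
    policy: Policy
    ciphertext: bytes = b"<encrypted payload placeholder>"  # constructed stand-in

@dataclass
class Identity:
    user: str
    entitlements: frozenset        # granted "need to know" attributes

AUDIT_LOG = []  # every decision, allowed or denied, is recorded for later review

def authorize(identity: Identity, file: ProtectedFile, now: datetime) -> bool:
    """Return True only if the policy is live and entitlements cover all attributes."""
    policy = file.policy
    missing = policy.attributes - identity.entitlements
    if policy.revoked:
        reason = "policy revoked"
    elif now >= policy.expires_at:
        reason = "policy expired"
    elif missing:
        reason = "missing entitlements: " + ", ".join(sorted(missing))
    else:
        reason = "all data attributes covered"
    allowed = reason == "all data attributes covered"
    AUDIT_LOG.append({"user": identity.user, "file": file.name,
                      "decision": "ALLOW" if allowed else "DENY", "reason": reason})
    return allowed

# Constructed sample data: a tagged personnel file and two identities.
PERSONNEL_FILE = ProtectedFile(
    name="employee-roster.csv",
    policy=Policy(frozenset({"classification:pii", "need-to-know:hr-payroll"}),
                  expires_at=datetime(2022, 10, 1, tzinfo=timezone.utc)))
HR_ANALYST = Identity("hr.analyst", frozenset({"classification:pii", "need-to-know:hr-payroll"}))
ENGINEER = Identity("engineer", frozenset({"classification:pii"}))
SEPT_2022 = datetime(2022, 9, 15, tzinfo=timezone.utc)   # before expiry
NOV_2022 = datetime(2022, 11, 1, tzinfo=timezone.utc)    # after expiry

if __name__ == "__main__":
    print(authorize(HR_ANALYST, PERSONNEL_FILE, SEPT_2022), authorize(ENGINEER, PERSONNEL_FILE, SEPT_2022))
    for entry in AUDIT_LOG:
        print(entry)
```

The engineer holds the PII entitlement but not the payroll need-to-know tag, so the key is withheld and the denial is logged; the same check fails once the policy expires or is revoked, which is what lets protection follow the data after it has been shared.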