PR.DS-02.230

Does your organization block access to personal email, file sharing, storage services, and other personal communication applications from corporate systems and networks?

Explanation

Allowing access to personal communication services from corporate networks creates potential data exfiltration paths and increases the risk of malware infections. These services bypass corporate security controls such as DLP, email filtering, and malware scanning that protect organizational data. Examples include Gmail, Dropbox, personal OneDrive accounts, and messaging apps such as the WhatsApp web client. Evidence could include screenshots of web filtering configurations showing blocked categories, firewall rules blocking these services, or documentation of technical controls that prevent access to personal communication services across the network.

Implementation Example

Block access to personal email, file sharing, file storage services, and other personal communications applications and services from organizational systems and networks.

ID: PR.DS-02.230

Context

Function
PR: PROTECT
Category
PR.DS: Data Security
Sub-Category
The confidentiality, integrity, and availability of data-in-transit are protected
