How does Cryptobox meet the DGSI's recommendations for protection in the event of theft?
Organisations are facing a growing threat: the theft of sensitive data. The increasing sophistication of cyber attacks and the risk of insider threats are creating a situation where important information is constantly vulnerable to theft. The impact can be considerable: industrial espionage, loss of know-how, damage to reputation, and financial and legal penalties. Faced with this reality, the French General Directorate for Internal Security (DGSI) has drawn up a series of recommendations aimed at strengthening the protection of sensitive data and preventing its theft.
1. Data theft: A growing risk for organisations
Organisations need to be particularly vigilant when it comes to the risk of data theft by internal employees. These threats, which are often underestimated, can have major consequences. In 2024, 1,204 confirmed attacks resulted in the theft of more than 195 million data files, and the payment of around €130 million in ransom. Although these security breaches may seem insignificant at first glance, they represent a real threat to the security of an organisation's most important information.
- Main targets: Data associated with an organisation's business strategy, its know-how and technological developments, its internal organisation and operations, and the security of its information systems.
- Actors involved: Breaches are often committed by staff working in the victim organisations.
- Locations and operating procedures: Thefts generally occur on company premises, but can also be committed from outside, particularly when telecommuting with remote access. Attackers can delete, modify or prevent access to data.
Data theft can have major repercussions:
- Loss of critical information: Business strategies, intellectual property and technological developments can be compromised.
- Regulatory penalties: With the GDPR and other regulations, organisations are subject to strict data protection obligations. A leak can result in heavy fines.
- Damage to reputation and customer confidence: An organisation that is the victim of a cyber attack or information leak risks seeing its image severely damaged.
Hence, it is crucial to implement an effective cyber security policy based on appropriate solutions and best practices to ensure the protection of sensitive data and mitigate risks.
2. Protecting data: The essential measures to adopt
A range of protective measures must be implemented to effectively counter the threat of data theft. These measures cover various aspects of information systems security and are designed to minimise the risks of intrusion and data leaks. The main measures to be implemented are:
- Robust encryption: Strong encryption must be used for data in transit (TLS/SSL) and at rest (AES-256). This ensures that even if data are intercepted, they remain unreadable to unauthorised parties.
- Multi-factor authentication (MFA): Several forms of authentication are required (password, single-use application code) to prevent unauthorised access, even if passwords are compromised.
- Least privilege principle for access: This involves granting users the minimum rights necessary to perform their duties, thereby limiting the potential damage caused by internal threats or compromised accounts.
- Regular security audits and penetration tests: By carrying out periodic system security assessments, vulnerabilities in systems and applications can be identified, and the effectiveness of existing security measures can be analysed.
- Security awareness training: Informing employees about common cyber threats and best practices in data protection can help reduce the risk of attacks.
- Endpoint detection and response (EDR): EDR solutions monitor endpoints for malicious activity, providing real-time threat detection, investigation and response capabilities.
Rigorous application of these measures forms a solid foundation for any data security policy. It is vital to ensure that these principles are implemented consistently and effectively.
3. How does Cryptobox measure against DGSI recommendations?
Not all data are necessarily sensitive. It is therefore essential to know how to identify sensitive data by classifying them accordingly. Cryptobox fully complies with the recommendations of the DGSI, allowing you to strengthen the protection of sensitive data to prevent the risk of theft:
1- Classify data according to their sensitivity: With Cryptobox, sensitive data is organised in dedicated workspaces, according to the field of work. Cryptobox helps you secure sensitive data, enabling you to define precisely who is allowed to access it, trace it, control its storage and define who is allowed to share it.
2- Prioritize access within the organisation according to employee profiles and roles: Each employee has a Cryptobox account and, depending on the workspace, adapted access rights. Some people may have restricted or read-only rights, others may have modification rights, and finally some may be owners. Even if administrators do not have access to data, they do have access to the names of workspaces where a user is present, who manages this workspace and who grants access to the various documents.
3- Reinforce data security and ensure it is applied: Cryptobox imposes a strict level of password strength. When the solution is deployed, Cryptobox administrators may require password renewals. Users can access two-factor authentication to enhance security.
4- Control user behaviour on the network by setting up database surveillance monitors: Monitoring tools can be used to precisely define who manages data within the organisation according to roles, assigning responsibilities for reading or modifying documents. The Cryptobox solution also provides detailed monitoring of file activity, such as who has viewed, modified or shared a document.
Sharing rules are clearly defined by the administrator: for external documents, a sharing link with or without a key is required, while internal access is restricted to certain people within the organisation only.
5- If an employee leaves, ensure he or she has returned all access keys and equipment: Administrators can keep a close eye on what is happening with files, whether they are being saved, downloaded, read or shared. The administration interface also provides features to manage users, and block or delete an account when necessary (for example, after an employee has left).
Cryptobox meets the recommendations of the DGSI in terms of reinforcing the protection of sensitive data to prevent the risk of theft. To take this a step further, sensitive data can be collected with the same level of security using the “deposit box”, and documents can be saved directly in a dedicated secure workspace.
Conclusion
Organisations face the constant threat of data theft, whether from internal sources or cyberattacks. The DGSI's recommendations provide a framework for strengthening the security of sensitive information and preventing risks. Cryptobox is the ideal solution for meeting these requirements, ensuring strict access control, end-to-end encryption and full traceability. This enables organisations to protect their information assets and ensure compliance with cyber security requirements. Contact our teams today to find out how Cryptobox can secure your sensitive data and strengthen your protection against threats.