4 Keys To A Data Security Strategy
Organizations must prepare for the inevitable security breach and focus on protecting sensitive corporate data. Here are some ideas to build on.
July 10, 2015
If you’re an IT pro, protecting your company’s security may have recently become part of your job description. This probably didn’t come as a surprise -- more than 40% of companies suffered a breach last year, according to the Ponemon Institute. Maintaining a secure environment is no longer a question of locking down the perimeter or eliminating the chance of an attack. After all, even if you can build a 10-foot wall around your data, someone will always be able to build a 12-foot ladder.
While you need to continue to focus on keeping out the bad guys, organizations need to acknowledge the reality that it’s not always possible and develop a plan B when the fail-safe fails. When this happens, a focus on keeping your company’s sensitive information safe within your environment is critical. To get started, you need to accept some new ideas and base your data security strategy on them.
1. Accept that data theft can happen to you, and it will likely start within your network.
At the highest level, companies are finally starting to get away from the head-in-the-sand approach to data security. We have the likes of Sony, Home Depot and Target to show what can happen. Every one of these enterprises had sophisticated security products, people and processes in place before their data was exposed. The only problem? Contrary to the headlines, the majority of data breaches and leaks start from the inside of an organization.
Whether internal team members play a purposeful role in the attack or become inadvertently involved as the result of human error, an internal network source usually provides hackers with access to valuable information.
2. Know the warning signs, and know how to prevent them.
Many IT departments admit they don’t know what they don’t know when it comes to their data. Basic knowledge of what kind of data they have, where it sits in their infrastructure and what their “normal” baseline of data creation and usage looks like is key to recognizing the warning signs of threats. The biggest warning sign is an abnormal change in data read/write patterns. For example, if unstructured data changes rapidly, it’s a sign that something like CryptoLocker is taking your data hostage or someone is data dumping.
Human error is going to happen, and breaches will continue to be prevalent. Relevant and regular employee training on corporate governance policies is paramount to helping you mitigate the risk of human error as much as possible. Beyond that, processes need to be implemented to detect which data is at risk and when, and to provide appropriate levels of protection. Proper containment strategies also are critical, so when an issue does occur, the impact is minimized.
3. Complement the top-down and perimeter-based approach, and find out what’s happening in your data.
Never assume that if you protect your company’s perimeter, you have secured your data. First, it may not be possible to fully protect the perimeter. Second, it is absolutely possible to protect and contain the impact of issues whose origins are internal.
For anomalies in data to be truly actionable, you need to be able to tie the data anomalies together with the people who acted on them and the time at which they occurred. So basically you need who, what, when and how to help determine the magnitude of the issue and to effectively remediate. Looking at the issue from a single dimension -- such as the “what” of the equation -- makes this analysis difficult.
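The two ideas above, a per-user baseline of normal change activity and alerts that carry who, what, when and how, can be sketched as follows. This is an added example, not code from the article; the audit-log line format, the function names, the five-minute window and the thresholds are all assumptions, and the sample events are constructed.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

WINDOW = timedelta(minutes=5)          # assumed bucket size
WRITE_OPS = {"WRITE", "RENAME", "DELETE"}

def bucket(ts):
    """Floor a timestamp to the start of its window."""
    mins = WINDOW.seconds // 60
    return ts.replace(minute=ts.minute - ts.minute % mins, second=0, microsecond=0)

def find_anomalies(lines, factor=5, floor=20):
    """Flag (user, window) pairs whose change count far exceeds that user's median."""
    windows = defaultdict(list)         # (user, window start) -> [(op, path)]
    for line in lines:
        # Constructed audit format: "<ISO time> <user> <op> <path>"
        ts, user, op, path = line.split(maxsplit=3)
        if op in WRITE_OPS:
            windows[(user, bucket(datetime.fromisoformat(ts)))].append((op, path))
    counts = defaultdict(list)
    for (user, _), events in windows.items():
        counts[user].append(len(events))
    alerts = []
    for (user, start), events in sorted(windows.items()):
        baseline = median(counts[user])  # the user's "normal" window
        if len(events) > max(floor, factor * baseline):
            alerts.append({
                "who": user,
                "when": start.isoformat(),
                "what": sorted({path for _, path in events}),
                "how": dict(Counter(op for op, _ in events)),
                "baseline": baseline,
            })
    return alerts

def sample_log():
    """Constructed events: steady edits, then bob rewrites 60 files in one window."""
    t0, out = datetime(2015, 7, 1, 9, 0), []
    for w in range(6):
        for i in range(3):
            ts = (t0 + w * WINDOW + timedelta(seconds=40 * i)).isoformat()
            out += [f"{ts} {u} WRITE /share/{u}/doc{i}.docx" for u in ("alice", "bob")]
    for i in range(60):
        ts = (t0 + 6 * WINDOW + timedelta(seconds=4 * i)).isoformat()
        out.append(f"{ts} bob {'RENAME' if i % 2 else 'WRITE'} /share/finance/f{i}.xlsx")
    return out
```

Calling find_anomalies(sample_log()) returns a single alert for bob's 09:30 window. The median is computed over the same data being scored, which tolerates one burst but would need a separate training period in practice.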
4. Know that storage and security can strengthen one another.
As with any battle plan, there are multiple layers of defense in a data security strategy. Storage is often construed as the final layer. Traditionally, storage and security didn’t work well together -- from the storage side, scanning production systems for data anomalies often significantly impacts performance, which may tempt you to schedule scans for off hours that conflict with routine backups. As a result, storage and data issues can persist for days or weeks before they can be resolved.
However, when breaches begin within your walls, it fundamentally resets the traditional order of practical defenses. Data at the point of creation has the potential to be inappropriately exposed. Therefore, it’s storage’s job to understand who is accessing the data and whether the data accessed is compromised in any way.
When there’s a breach, it’s the data that attackers are trying to compromise, and storage has an important role to play in defending data. Data security isn’t someone else’s job; it’s everyone’s job. It’s time for the industry to accept this and learn everything it can do to share this responsibility.