With the rapid expansion of cloud services and remote work, many organizations pushed data outside their traditional security perimeter. The rush to ensure organizations could work as efficiently as possible often led to growth without in-depth understanding and tracking of new assets and their business value. This expanded the attack surface for organizations, leaving them vulnerable to improperly secured data.
Securing data shouldn’t be primarily focused on adding technological controls. Governance structures in the form of non-technical controls such as definition of policies, processes, and procedures around organizational data and the need for a classification policy to drive that is paramount in the success of any data security programme. This is an involved process requiring the entire organization’s support.
While tools can help secure your data, they’re only helpful when there’s a complete understanding of what data is out there to secure.
This article explores the top 3 ways organizations can take control of their data and secure it from a technology perspective.
Find Your Data
Before you can begin the journey of securing your data as an organization, you need to have an in-depth understanding of what you have and where it is. There is no easy way to go about this process, especially for organizations that leverage both on-premise and cloud assets.
Using automated tools is an excellent way to get started in this process. These tools can parse through large amounts of data, crawling your known organizational data stores to locate and categorize the data that it locates. Unfortunately, these tools are not perfect and can only classify data based upon rules and, as such, are no substitute for manual intervention. Even though a person is slower to parse the data, correctly classifying it once discovered is generally more precise.
Another challenge of using automated tools is the presence of (un)sanctioned IT assets known as shadow IT. These systems are often created to serve as testing or temporary solutions and can store important data. Finding these tools usually requires an in-depth assessment of all network-attached assets.
Re-organize Access To It
Once the data has been located, the organization needs to control it. Doing this requires defining where the data should be and relocating it, if necessary, by removing data from less secure locations to approved locations. Moving data reduces the organizational threat surface.
Once the data is in place, the vital task of re-defining the access that the organization should grant comes into play. The data should be assigned to appropriate data owners who can define the roles and individuals that need access to the data to accomplish their roles. This access is not a set and forget activity and requires periodic review to remove stale access for those that no longer need it for their given role.
Once an organization understands where their data is and who has access to it, they can begin the more complex task of monitoring how access is used. Many solutions can facilitate this process as there are far too many to accomplish manually. At a minimum, appropriate tools should track who has accessed the data, from where, and when. This is the least amount of essential information required to track data appropriately.
More complex data access tracking applies behavioral analytics for more meaningful analytics from the data. These tools note behavioral trends for users and patterns in which users access the data, from what devices, and in what manner. Behavioral data helps organizations identify when bad actors have compromised accounts and when insiders misuse their access to data which creates organizational risk. Many of these tools can take action on anomalous behavior to temporarily restrict access while the behavior is investigated.
You Are Not Alone
It is a daunting task to take control of your data security, especially for large or growing organizations. A partner with experience in moving through the data security lifecycle can reduce the burden on organizational staff and expedite the process. Persistent can guide your organization throughout the entire process of locating your data through securing and monitoring it.