In my last blog, I stated that “data security can be achieved without data privacy, but you can’t effectively fulfill data privacy without data security. When it comes to complying with regulations, or protecting against breaches, if you don’t know your data, you won’t be able to justify it to a regulator, or safeguard it from malicious intent.”
Once you’ve discovered all the data in your organization, you can then write a report. However, data is located everywhere. It’s spread throughout many different applications and storage systems. Data is stored in diverse hosting environments, like on-premises and multi-clouds. It is on myriad devices, from IoT to users with laptops, tablets, and smartphones. Data privacy and security are complex. Perimeter-less and heterogeneous data mapping, discovery, and classification are much more difficult processes to get right, than merely the reporting and operationalizing of data.
There are different data privacy solutions on the market that can effectively compile data and generate reports from known sources. However, they lack the ability to discover and classify data within a vast and perimeter-less environment. In fact, the most prevalent means of locating data is from Excel spreadsheets. Unfortunately, spreadsheets are human-derived, and therefore, prone to errors. Surely, we can’t expect this approach to find everything within a large enterprise’s vast stores of data. If data can’t be found, because nobody in the company knows where it is, or that it even exists, that poses a business liability. There is also a matter of sustainability. Manual data collection is an unsustainable, flawed approach, even with the nice interfaces that many data privacy technologies provide.
Data is dispersed in places where many people have access to it, but may not be authorized to see it. That is actionable information that an organization should be able to do something about. The only way to find all the data is through auto-discovery and abstraction, with a consistent view of it from the many different data sources and technologies. This is a critical component needed to write accurate reports for internal auditors, and regulators.
It’s critical to know who has access, who owns the data, and understand what people are doing with the data. A process needs to be in a place that aligns data access with a least privileged model, that restricts access rights for users, accounts, and computing processes. This needs to be done all the way through the automated entitlement process that grants access to an account and enables the account owner to manage it.
Employees are the front line of defense, but also the weakest link. They’re the primary cause of errors and vulnerabilities from social engineering tactics that open doors to breaches. Overcoming this requires automated technology processes and controls that prevent people from making mistakes and taking shortcuts that lead to problems.
There are many advantages to having a solution that combines data privacy and security within a single platform. This type of solution will provide automated discovery and classification, and the ability to collect all the data, improve productivity, and eliminate human errors. This also provides a documented trail of discovery that is actionable and auditable.
Stealthbits is focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce privacy and security risk, fulfill compliance requirements, and lower operational costs. Our integrated data privacy and security platform is driven by a multi-layered approach. Leveraging an identity-centric view into subject data, we address privacy requirements and security threats at the data, directory, and system layers of an organization’s hybrid IT infrastructure, all managed through a single-pane-of-glass interface.
Adam Rosen serves as Vice President of Data Access Governance at Stealthbits – now part of Netwrix. An expert on managing and securing unstructured data, Adam has helped organizations of all sizes implement controls and policies to meet security, compliance, and efficiency objectives. In his current capacity at Stealthbits, he manages the industry-leading StealthAUDIT suite that enterprises around the world depend on to defend their most critical information.
Proper data security begins with a strong foundation. Find out what you're standing on with a free deep-dive into the security of your Structured and Unstructured Data, Active Directory, and Windows infrastructure.Read more
Start a Free Stealthbits Trial!
No risk. No obligation.
Leave a Reply