The Best Offense is a Great Defense

I’ve been a sports fan all my life. If you’re into sports tactics at all, you know a common offensive scheme in virtually any sport is to spatially spread out the opposing team’s defense. Why? It creates space to maneuver, opening up options for attack that just aren’t there when everyone is bunched up in a group. However, the best defenses limit the offense’s ability to spread the field/court/pitch (what have you) with matchups. Matchups essentially render certain forms of attack useless, which is for instance why the New York Jets, Tampa Bay Buccaneers, and New England Patriots were all willing to pay NFL Cornerback Darrell Revis $16,000,000 per year to play just one position and guard just one opposing player. He alone could take any offense’s best Wide Receiver out of the game, eliminating one of the more dangerous forms of attack any offense had.

So how does this relate to data security in the IT world?

If we’ve learned anything from the past year’s statistics on data breach, it’s that our companies and our data isn’t nearly as safe as we’d like to think. To combat data breach events, organizations have essentially played a “zone defense” by trying to be everywhere, all the time. Zone defense works against poor offenses, but good attackers pick the zone apart. With every hole you plug, another one opens.

Organizations have traditionally focused on the security of their application data thinking the most valuable and sensitive data only lives in these repositories. They proclaim, “my application data is locked down tight!”. You know what? I would tend to agree and it probably is. They got specific and put the right matchups in place to defend those assets against breach. However, what they fail to realize (or acknowledge) is that a lot of what’s in those application databases is probably also sitting right in their employee’s “My Documents” folder, because for one reason or another, they exported that data to an Excel Spreadsheet and saved it on their desktop (or a File Share, a SharePoint Site, or some other place you have no idea about or may not even have access to yourself).

This is the simplest and most common way that “protected” structured data transforms into unprotected unstructured data. It’s just as valuable, more portable, much more difficult to defend, and it’s happening right now.

But unstructured data is an entirely different animal than all the other data in your organization. There is more of it, in more places, than any other type of data. It’s on every desktop, every server, every file share, and every SharePoint site. It’s being transmitted through File Sync & Share applications that you swear can’t be used, but undoubtedly are. So what to do?

The most pragmatic approach to securing your unstructured data is to figure out which files out of the millions and millions spread across your organization are the ones that really matter. Imagine you knew the answer to that question. Imagine you could locate and secure all the stuff that matters, so if someone or something did breach your walls, there was nothing of consequence they could actually steal. This ability, combined with proper access controls, periodic entitlement reviews, and better end-user education is the matchup you need to secure your unstructured data.

If you’ve already identified and secured the data worth stealing in the easiest places to steal it, you’ve taken another player out of the game for the offense, and that’s why the best offense is a great defense.

Don’t miss a post! Subscribe to The Insider Threat Security Blog here:

Name

Email*