Walking around the floor of InfoSecurity Europe 2019, one key phrase was being repeated again and again; data-centric security. Increasingly, the way that vendors are helping IT teams to increase their security is through visibility into what is happening with their data.
There is always a buzzword or a key phrase that vendors adopt en masse in events like these. Last year, predictably, that buzzword was GDPR. This year, it’s data centric. It’s important to unpack the true meaning behind this term to fully understand what it means and how it can help you improve security.
In the modern business, with ongoing digital transformation projects, an increasing number of devices being brought onto the networks, a move to cloud technology and an ever-changing workforce, it can be difficult to know where to start with your data security strategy. Adopting a data-centric approach helps to fix that problem by suggesting that you should work from the inside-out. That is, start from the data itself and work outwards. That way, no matter how large and complex your environment becomes, at least you always know where to start.
Discover Where Data is and Classify it
A huge problem, and a major talking point of InfoSecurity this year, is that not enough organizations know where their most sensitive data is. You cannot implement a data access governance program or other methods of data protection if you don’t know what to protect in the first place.
Logically, the first step in the process is to identify what data matters to your organization (related to compliance, for example), and prioritize it in terms of risk. Ideally the amount of sensitive information you store should be kept to a minimum and access to it should be limited.
This realization inevitably led to many people attending the show believing they needed a Data Discovery and Classification solution. Whilst siloed classification tools are a useful addition to your security strategy, alone they are not enough to ensure your data is secure.
Great, you know where your sensitive data is…now what?
Watch What Your Users Are Doing with Your Data
The next logical step after you have found out where your sensitive data is, is to find out who can actually access that data. Which of your users are accessing, moving, modifying or deleting files and folders containing PII or intellectual property? These users, and their behavior in regard to your data, should be at the forefront of your monitoring policies.
Make sure that you limit access to sensitive data by adhering to the principle of least privilege and make sure you are able to spot anomalous user behavior. To do this, you will need to deploy a solution that analyzes user and entity behavior.
Is Your Environment Secure?
The next step after you have found out where your data is, who has access to it, and what those users are doing with it, is to find out whether the environment surrounding the data is secure. Are you operating with a large number of open shares or stale users that is increasing the potential attack surface?
Regular and proactive auditing of environment and security states is an essential part of ensuring data is being stored in the most secure way possible.
When you start to look at this all together, you may think to yourself that you are going to need to implement three or four security solutions to tick all those boxes. Fortunately, a good Data Security Platform like LepideAuditor will enable you to do all those things from one handy console.
If you’d like to see the solution in action, schedule a demo with one of our engineers today.