These days, data security breaches are more — and more expensive — than ever. The average total cost of a data breach is now $3.8 million, according to the “2015 Cost of Data Breach Study.” In the last year alone, we have seen many company records stolen, resulting in loss of sensitive data, compromised brand reputation and huge costs incurred. The vast majority of value in most businesses rests in intellectual property such as customer data, product designs, sales information, proprietary algorithms, communications, etc.
Damaging Hacks Negatively Impact Business
The most damaging security incidents are those that involve the loss or illicit modification or destruction of sensitive data. Think of high-profile cases such as:
- Community Health Systems: In August 2014, information on 4.5 million patients was stolen in a cyberattack.
- UPS: A reported data breach may have occurred in 51 UPS stores, leading to the theft of customer payment information.
- Sony: Details continue to come out about the Sony breach. In early December 2014, cybercriminals leaked five unreleased movies along with some employees’ Social Security numbers.
- The U.S. Office of Personnel Management (OPS): Leaks affected 18 million government employees, including those with high security clearances.
- Ashley Madison: Data from almost 40 million user accounts on the website was lost, including names, credit card information and other personal details.
Many security systems do a good job focusing on perimeter security, but they often forget to secure this sensitive data that sits at the heart of most businesses. And so it raises the question: Are you doing enough to protect the sensitive data that runs your business?
For effective data protection, organizations need to be able to support three core capabilities: analyze threats to sensitive data and automatically uncover risks; control and protect sensitive data; and adapt to change to keep up with emerging and ever-changing data security requirements.
The Data Security Triple Crown
Let’s take a closer look at what it takes to win the Triple Crown of sensitive data protection — and to ensure you have comprehensive data security.
You might be wondering what analytics has to do with data protection. Analytics is an essential part of being able to uncover threats and identify real risks. When it comes to cost efficiency and the changeable nature of data, security teams cannot manually determine where all sensitive data resides or keep up with it as it is shared and moved around. For successful data protection, you need a solution that can automatically discover and classify sensitive information in a way that makes sense to the individual business, and it needs to be easy to work with.
Entitlement management capabilities are also essential to automate the enforcement of security policies — for example, masking data at the right time or blocking access to sensitive data. Lastly, sophisticated analytics capabilities such as outlier detection and forensic analytics need to be part of your solution so that you are able to understand what’s happening to your sensitive data as it’s happening and put a stop to risky behavior.
Once you have analyzed and identified sensitive data and established the right entitlement levels, you can start protecting data. Protecting data has a few elements to it, including:
- Shielding the business from financial risk with automated data compliance and extensive audit capabilities;
- Controlling sensitive data through functions such as encryption, masking, redaction, dynamic blocking, alerting and quarantining nonstandard activities;
- Leveraging real-time activity monitoring and blocking capabilities to prevent illicit internal and external access to sensitive data and material.
A comprehensive data protection solution should be able to capture and examine all sensitive data traffic, including local access by privileged users. Maintaining separation of duties is also an important part of the sensitive data protection equation. Then, when it comes to actually protecting sensitive data, solutions need to offer a full range of data protection capabilities such as encryption, static data masking and redaction capabilities and dynamic data masking, as well as the blocking, alerting and quarantining of suspicious users and abnormal access requests. These activities should occur wherever sensitive data resides, including databases and marts, cloud environments, big data platforms and others.
As IT landscapes change and shift to accommodate new users, new data types and new technologies, data protection solutions must be able to adjust to the evolving environment. Leaving gaps creates additional vulnerabilities, which leaves you open to risks.
Robust data protection solutions should be able to adapt in a few important ways:
- Support traditional as well as disruptive data technologies such as Hadoop, NoSQL and cloud.
- Easily expand to grow from focused approaches, such as supporting compliance requirements to support end-to-end data protection.
- Leverage a single data protection infrastructure — one that can automatically adjust to your data security requirements — across the entire data environment to help reduce costs and improve results.
- Support a heterogeneous environment across databases, big data platforms, applications, cloud vendors, SIEM solutions and more.
The Race to Protection
If your data security solution has the ability to analyze, protect and adapt, you are able to provide comprehensive data protection for your organization and are well on your way to winning the data security Triple Crown. If you are only able to support one or two of these requirements, however, you most likely have some gaps in your protection plan that need remediation. Gaps create vulnerabilities in data protection that lead to increased risks and could ultimately result in the loss of sensitive data.
By winning the data security Triple Crown, you are able to reduce risks and enable the business to keep the sensitive data that it needs to succeed.