Many organizations are struggling with the growing gap between the vulnerability of critical data and security defenses. New dynamics such as cloud, social, mobile and big data computing are breaking down the traditional perimeter and forcing us to look at security differently. When you’re reviewing your current data security strategy, are you asking yourself these basic questions?
Where Is Our Critical Data?
Do you know where your data is stored? You can’t protect sensitive data unless you know where it resides and how it’s translated across the enterprise. With enterprise expansion activities and adoption of new platforms, as well as consolidation, migrations, mergers and acquisitions, there is always the potential for sensitive data repositories to go undiscovered or undetected. These could very well be the most vulnerable systems to defend from the next attack. Since data is a critical component of daily business operations, it is essential to ensure privacy and protect data no matter where it resides, whether it’s in databases, file shares, data warehouses or Hadoop-based systems. Using data classification can help you discover sensitive data, and vulnerability assessments can help find soft spots in your infrastructure.
What Is Our Critical Data?
What data needs to be protected? Different types of information have different protection and privacy requirements. You need to prioritize your most valuable or sensitive data. Whether it’s data assets such as personal identifiable information, customer data, financial data, intellectual property or other sensitive intelligence, you will need to classify and define these data types, plus determine metrics and policies to ensure protection and report findings. In addition, you can’t lose sight of the importance of the integrity of your data, including unauthorized changes, erroneous modifications and suspicious activity. You need complete transparency in all data processes, which often includes an audit trail that supports separation of duties.
Who Has Access to It?
Not all data and users are created equally. Regulatory mandates and security requirements are compelling organizations to adopt strong, multifactor authentication methods to protect against unauthorized and unidentified access. To safeguard against breaches and attacks that look for vulnerabilities and configuration flaws, you need to set policies for patterns of use and enable alerts when those patterns are not within policy. These vulnerabilities become the gateway that malicious attackers use to circumvent security protections and steal, alter or destroy data. By automating the detection process, you can quickly determine when privileged users or other trusted insiders attempt to access and tamper with data. When an attack is detected, the event can be disconnected or quarantined, following predefined policies.
How Can It Be Compromised?
It’s only a matter of time until hackers find new ways to infiltrate your critical data environments. Detecting new forms of advanced malware and hunting for anomalies requires adding different data sources to your analysis and observing patterns across many event types. You also need to leverage advanced security analytics capabilities to examine and gain insights hidden in large volumes of security data, even across operational silos.
By leveraging sophisticated data monitoring, forensic investigations and security intelligence analytics, you can analyze previous breach patterns to predict potential areas of attack, mine employee systems behavior to identify patterns of potential misuse and monitor the external environment for potential security threats.
How Can I Learn More?
Watch the on-demand webinar, “Bridging the Gap Between Your Security Defenses and Critical Data,” where you will learn how you can gain actionable insights to reduce security risks at all layers and boost compliance across the enterprise. This webinar will cover:
- Architecture and integration points;
- Real-time alerts and reporting;
- Vulnerability assessments according to your risk score;
- Security intelligence event log collection and analytics;
- Actionable insights from security events.
Learn more about protecting your critical data with integrated security intelligence
WW Program Director, IBM Security for Guardium