Let’s say you’re planning a train robbery in the Old West. Your posse can jump on board at the station, on the route or at the last stop. The same is true of today’s data robbers. There are three main states in which data exists across an enterprise: at rest, in motion and in use. As defenders, we need to ensure data security from creation to disposal and everything in between.

While most of us know how to protect data at rest (i.e., inactive data in storage, such as in databases), the other two states require more complex strategies. Let’s take a look at how to provide data security along the whole journey.

Tension Between Data Security and Governance

Organizations collect a tremendous amount of data from a lot of sources. Any of these sources might contain sensitive data. We often relocate data for warehousing, reporting, analytics, storage, testing and application use. Therefore, that data or artificial intelligence (AI) models might be copied multiple times, resulting in misuse. Gartner estimates that backup and archiving of personal data represents the largest area of privacy risk for 70% of businesses, up from 10% in 2018.

The rise of newer platforms, such as cloud and data lakes, can make the issue even worse. Organizations often feel a natural tension between data governance, data security and innovation. A well-governed, secure environment can spur innovation and make people more productive.

Learn about IBM Security Guardium Insights

Data Security in Motion: Leaving the Station

The first data ‘location’ we need to worry about is when the data is in motion. When data is in motion, it travels within or between information systems. Using the cloud, big data tech and disparate tools from multiple vendors can all make this step more complex.

Data in motion is at risk from ransomware attacks and data breaches. Most likely, you’re already using encryption in this stage to help make sure they can’t use that data if someone steals it. Think of encryption as the first and last line of defense.

You can take several steps to protect data in motion. A good place to start is knowing what data you need to protect and where it is located. Customer and financial data are obvious choices for encryption, but many companies fail to realize that even older, seemingly less important data can contain sensitive information. This is partly because what constitutes personally identifiable information (PII) has broadened a lot in the last decade.

Controlling and monitoring data access and activity is an important part of any data security strategy. Find out more about how to balance data security with frictionless access to data.

Data in Use: The Journey and the Arrival

In our train metaphor, data is in use when it arrives at the station. Data is in use when applications process it, when it’s transformed or changed and when enterprise users view it. The primary goal in governing data in use is to minimize the likelihood of data misuse across the enterprise.

More and more departments may express the need to manage and access data. So, leaders need to focus on streamlining data operations to be more efficient and improving data quality, findability and governance. That allows them to provide an efficient, self-service data pipeline to the right people at the right time from any source.

At the heart of a strategy for data in motion often lies a data catalog. The tool creates and automates policies for enterprise-wide categorizing and classifying all company data, no matter where it resides. This means the right data security measures are in place while data remains at rest. Other defenses might be triggered when people access, use or transfer sensitive data. The modern data catalog should also include other functions such as data masking, user-based access controls for discovery and risk assessment of unstructured data.

Learn More About Data Security and Governance

In truth, you aren’t the train robber in this metaphor: you’re the one installing the locks. Data security and governance are your tickets to not only speed up analytical processing and insights but also to meet compliance needs. While the data volumes are extensive, machine learning and AI practices are helping to overcome the limits of human scale with such tasks as data mapping, activity monitoring, cataloging, matching large data volumes and sustaining data quality. Customers can deliver these operations at scale to cover millions of data assets with a unified privacy framework.

Want to learn more? Register for the workshop “Build your Business Case for Data Privacy” here.

More from Artificial Intelligence

Data Privacy: How the Growing Field of Regulations Impacts Businesses

The proposed rules over artificial intelligence (AI) in the European Union (EU) are a harbinger of things to come. Data privacy laws are becoming more complex and growing in number and relevance. So, businesses that seek to become — and stay — compliant must find a solution that can do more than just respond to current challenges. Take a look at upcoming trends when it comes to data privacy regulations and how to follow them. Today's AI Solutions On April…

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly complex IT environments and subsequent security tooling The ability to act on the insights from their security tools including security information and event management software…

4 Ways AI Capabilities Transform Security

Many industries have had to tighten belts in the "new normal". In cybersecurity, artificial intelligence (AI) can help.   Every day of the new normal we learn how the pandemic sped up digital transformation, as reflected in the new opportunities and new risks. For many, organizational complexity and legacy infrastructure and support processes are the leading barriers to the effectiveness of their security.   Adding to the dynamics, short-handed teams are overwhelmed with too much data from disparate sources and…

What’s New in the 2022 Cost of a Data Breach Report

The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. New research in this year’s report also reveals for the first time that 83% of organizations in the study have experienced more than one data breach and just 17% said this was their first data breach. And at a time when…