The transition to a remote workforce has happened so quickly that many security teams have not had an opportunity to apply desired controls. Organizations are dealing with remote access and execution privileges that were unplanned even a couple of months ago. The use of personal devices and home workspaces has increased potential risks.

Typical controls such as encryption, data loss prevention (DLP), access controls, tokenization and configuration checks may not have been applied in every case. The current situation has placed a greater focus on the need to reduce risks to the organization’s data assets due to the expanded attack surface.

Addressing New Cybersecurity Risks

Given this scenario, one component in the data security arsenal, monitoring of data access and activity, has become vital in helping to protect sensitive data. Data activity monitoring (DAM) can identify and prevent potential malicious activity across operating environments, providing real-time alerts and notifications. Managed data activity monitoring services address skill shortages and allow organizations to realign resources to focus on other business needs.

Managed DAM services are available 24/7, helping to protect structured and unstructured data within applications, files, databases and data warehouses as well as big data and hybrid multicloud environments. Managed DAM can observe the integrity of critical information across these domains, in real time, and can automate the appropriate compliance controls. Organizations gain the ability to report who is accessing specific types of data and whether any unauthorized attempts have been detected.

Data activity monitoring services also include real-time monitoring and audits of data activity, using cognitive analytics and threat detection analytics to identify potential security breaches. DAM can generate alerts and exceptions and facilitate the escalation of security incidents (policy violations) to the security operations center (SOC).

There are many benefits to using managed DAM services, but one key benefit is the 24/7 coverage and ability to identify new threats sooner due to a broader view of industry events by service providers. These services are a key component of enhanced security measures within a data protection program.

Choosing the Right Managed DAM Services

Organizations seeking to implement managed DAM services should consider the following when making their service provider selection:

• Environment coverage of the solution
• Platforms monitored
• Provider expertise
• Coverage options
• Speed of alert notifications
• Regular device health monitoring
• Solution integration with the SOC
• Reporting capabilities
• Compliance supporting reports
• Policy management
• Patch management and upgrades
• Steady-state solution optimization and tuning

Remote work has become the new norm, necessitating that organizations implement better defenses. Data activity monitoring should be given strong consideration to help thwart potential data breaches and enhance security. Managed data activity monitoring services are a key component within a data protection program and one that will complement existing cybersecurity measures.

Learn more about IBM Security’s COVID-19 response and the most important considerations and actions to take now.