The transition to a remote workforce has happened so quickly that many security teams have not had an opportunity to apply desired controls. Organizations are dealing with remote access and execution privileges that were unplanned even a couple of months ago. The use of personal devices and home workspaces has increased potential risks.

Typical controls such as encryption, data loss prevention (DLP), access controls, tokenization and configuration checks may not have been applied in every case. The current situation has placed a greater focus on the need to reduce risks to the organization’s data assets due to the expanded attack surface.

Addressing New Cybersecurity Risks

Given this scenario, one component in the data security arsenal, monitoring of data access and activity, has become vital in helping to protect sensitive data. Data activity monitoring (DAM) can identify and prevent potential malicious activity across operating environments, providing real-time alerts and notifications. Managed data activity monitoring services address skill shortages and allow organizations to realign resources to focus on other business needs.

Managed DAM services are available 24/7, helping to protect structured and unstructured data within applications, files, databases and data warehouses as well as big data and hybrid multicloud environments. Managed DAM can observe the integrity of critical information across these domains, in real time, and can automate the appropriate compliance controls. Organizations gain the ability to report who is accessing specific types of data and whether any unauthorized attempts have been detected.

Data activity monitoring services also include real-time monitoring and audits of data activity, using cognitive analytics and threat detection analytics to identify potential security breaches. DAM can generate alerts and exceptions and facilitate the escalation of security incidents (policy violations) to the security operations center (SOC).

There are many benefits to using managed DAM services, but one key benefit is the 24/7 coverage and ability to identify new threats sooner due to a broader view of industry events by service providers. These services are a key component of enhanced security measures within a data protection program.

Choosing the Right Managed DAM Services

Organizations seeking to implement managed DAM services should consider the following when making their service provider selection:

  • Environment coverage of the solution
  • Platforms monitored
  • Provider expertise
  • Coverage options
  • Speed of alert notifications
  • Regular device health monitoring
  • Solution integration with the SOC
  • Reporting capabilities
  • Compliance supporting reports
  • Policy management
  • Patch management and upgrades
  • Steady-state solution optimization and tuning

Remote work has become the new norm, necessitating that organizations implement better defenses. Data activity monitoring should be given strong consideration to help thwart potential data breaches and enhance security. Managed data activity monitoring services are a key component within a data protection program and one that will complement existing cybersecurity measures.

Learn more about IBM Security’s COVID-19 response and the most important considerations and actions to take now.

Learn more about IBM Security Database Activity Monitoring Services

More from Data Protection

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…

Six Ways to Secure Your Organization on a Smaller Budget

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats with fewer resources — both human and technical. Cobalt’s 2022 The State of Pentesting Report found that 90% of short-staffed teams are struggling to monitor…

The Importance of Modern-Day Data Security Platforms

Data is the backbone of businesses and companies everywhere. Data can range from intellectual property to critical business plans to personal health information or even money itself. At the end of the day, businesses are looking to grow revenue, innovate, and operationalize but to do that, they must ensure that they leverage their data first because of how important and valuable it is to their organization. No matter the industry, the need to protect sensitive and personal data should be…

Meeting Today’s Complex Data Privacy Challenges

Pop quiz: Who is responsible for compliance and data privacy in an organization? Is it a) the security department, b) the IT department, c) the legal department, d) the compliance group or e) all of the above? If you answered "all of the above," you are well-versed in the complex world of compliance and data privacy! While compliance is a complex topic, the patchwork of regulations imposed by countries, regions, states and industries further compounds it. This complexity has turned…