The transition to a remote workforce has happened so quickly that many security teams have not had an opportunity to apply desired controls. Organizations are dealing with remote access and execution privileges that were unplanned even a couple of months ago. The use of personal devices and home workspaces has increased potential risks.

Typical controls such as encryption, data loss prevention (DLP), access controls, tokenization and configuration checks may not have been applied in every case. The current situation has placed a greater focus on the need to reduce risks to the organization’s data assets due to the expanded attack surface.

Addressing New Cybersecurity Risks

Given this scenario, one component in the data security arsenal, monitoring of data access and activity, has become vital in helping to protect sensitive data. Data activity monitoring (DAM) can identify and prevent potential malicious activity across operating environments, providing real-time alerts and notifications. Managed data activity monitoring services address skill shortages and allow organizations to realign resources to focus on other business needs.

Managed DAM services are available 24/7, helping to protect structured and unstructured data within applications, files, databases and data warehouses as well as big data and hybrid multicloud environments. Managed DAM can observe the integrity of critical information across these domains, in real time, and can automate the appropriate compliance controls. Organizations gain the ability to report who is accessing specific types of data and whether any unauthorized attempts have been detected.

Data activity monitoring services also include real-time monitoring and audits of data activity, using cognitive analytics and threat detection analytics to identify potential security breaches. DAM can generate alerts and exceptions and facilitate the escalation of security incidents (policy violations) to the security operations center (SOC).

There are many benefits to using managed DAM services, but one key benefit is the 24/7 coverage and ability to identify new threats sooner due to a broader view of industry events by service providers. These services are a key component of enhanced security measures within a data protection program.

Choosing the Right Managed DAM Services

Organizations seeking to implement managed DAM services should consider the following when making their service provider selection:

  • Environment coverage of the solution
  • Platforms monitored
  • Provider expertise
  • Coverage options
  • Speed of alert notifications
  • Regular device health monitoring
  • Solution integration with the SOC
  • Reporting capabilities
  • Compliance supporting reports
  • Policy management
  • Patch management and upgrades
  • Steady-state solution optimization and tuning

Remote work has become the new norm, necessitating that organizations implement better defenses. Data activity monitoring should be given strong consideration to help thwart potential data breaches and enhance security. Managed data activity monitoring services are a key component within a data protection program and one that will complement existing cybersecurity measures.

Learn more about IBM Security’s COVID-19 response and the most important considerations and actions to take now.

Learn more about IBM Security Database Activity Monitoring Services

More from Data Protection

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today