
About the author
From security architecture to data management, Cory Retherford brings 20 years of technical experience to his position as Principal Advisory Solutions Engineer at Spirion providing real world solution implementation strategies within large and complex environments. With a focus in data security, privacy, and operational data security risk reduction, Cory believes in protecting sensitive data because privacy matters to us all.
If you and your organization feel like you are suffering from alert overload, you aren’t alone. The average security operations team receives 11,000 alerts every day, one-third of which are false positives. This volume is not only overwhelming, but the inaccuracy hurts overall security functions and slows down business operations.
However, when alert results have a higher level of accuracy, organizations see improved end-user productivity, security team operations, and compliance team workload. By requiring less effort to audit and by improving response efficiency, teams can conduct data governance optimization more quickly. Higher accuracy comes with clearer visibility into your data, meaning IT architecture can be adjusted based on actual requirements needed to protect the most sensitive data. Knowing your data and where it exists reduces the potential for non-compliance penalties and fines. Being able to locate the sensitive data impacted can quickly reduce the negative effects of a potential breach.
Unless you can rely on accurate sensitive data scan results, your organization risks inappropriate application of security controls because of false positives. A zero-trust approach will give you greater insight into the context of your data and infrastructure, allowing you to build better processes around data protection and to make better decisions surrounding risk.
Improving Your Approach to Data Discovery
One thing those false positive alerts should show you is how difficult it is to meet data privacy regulations. And it won’t get any easier if you don’t act now. Data grows and becomes more complex, and every month seems to bring new privacy regulations that must be followed to avoid penalties. Going forward, you have to not only address those false positives but also know where the data is coming from and ensure that you are meeting the data privacy standards of the consumer’s place of residence. If it sounds complicated, it is.
That’s where data discovery tools come into play. The value of sensitive data discovery extends beyond IT management of data. An accurate data discovery tool will reveal which sensitive data was on a compromised, lost, or stolen device months ago. It will give you the information needed to react quickly to legal, compliance, or IT security processes. So, if you need to conduct a PCI audit, you can work with a QSA to scope those devices under the PCI umbrella. If your organization must comply with GDPR, CCPA, or any number of U.S. state laws and you receive a DSAR, you can act on it efficiently. Having a process at the center of all sensitive data discovery is vital.
Improving your approach to data discovery to meet compliance regulations is something some organizations ignore. They operate under a misguided belief that they know exactly where their sensitive data is located and what that sensitive data is. However, most organizations don’t understand how their data has sprawled and multiplied – for example, how redundant data sits across multiple devices and databases. The less you know about your data, the more susceptible you are to a data breach. With the cost of a single lost record averaging $150 and the size of the average breach impacting more than 25,000 records, your costs could add up quickly.
Automation over Manual
While some organizations attempt to conduct their discovery process manually, these processes tend to be inefficient and cumbersome. They are unlikely to provide a comprehensive understanding of your sensitive data footprint. Using an automated solution, however, offers more accurate discovery, classification, and remediation, allowing for better protection of sensitive data and enabling organizations to make more informed decisions surrounding the data lifecycle. It’s possible to better determine which repositories offer the most protection value based on the types of sensitive data and then prioritize device security controls. The result is a better alignment for the privacy program, improved security across your organization, and streamlined compliance processes.
With increased accuracy, you can more readily rely on the automated processes to classify types of data properly and rely on remediation actions. Tools like Spirion afford high accuracy and can inform decisions about applying safeguards to the locations that hold sensitive data.