April 11, 2019
The present day need for effective prevention of data loss by Strategic Security Leaders has never been more necessary based on the following:
- Digital transformation of business processes both external and internal
- Outsourcing of critical and non-critical services to third parties
- Proliferation of the use of mobile channels to access data and applications
- Geographic spreading of the workforce including concurrent work streams
- Rise of regulations such as GDPR, CCPA, HIPAA and Sarbanes Oxley as well as PCI compliance
Today, all of these changes and more are requiring a proactive response by Information Security Officers to protect their data from a plethora of external such as phishing as well as internal attacks. Other than ransomware incidents, the successful breach and theft of customer, corporate and intellectual property data is a real threat based on the continuing avalanche of news reports. Compounding the need to protect your data is the compliance risk posed by numerous regulations regarding the identification and protection of customer personal information. Rather than belabor this obvious requirement, let’s discuss exactly how ISO’s can achieve total protection.
Time, Money, Resources
No matter what your position within the information security office or the burdens leveled upon you by others within your organization, the constraints of time, money and resources are always present regarding DLP. Rather than ignore or minimize these all too real challenges, it would serve us all to directly address each one. To begin, let’s discuss the one restraint that we can never get back, that of time.
Time, the one constant that neither wealth or power or beauty can defend. From the ISO view, it is a all to real reality whether trying to defend or react to a data breach. No supportive literation of facts and figures is necessary; we are all too aware of this nagging burden that dogs our success at every turn. In the case of data protection, it is our constant adversary beginning with the review of probable solutions followed by provisioning the solution, training and implementation, monitoring and reacting and last but not least, reporting and ROI. Many applications have tried to resolve these often competing demands, but few have succeeded. Before you go looking for a razor blade or your next career path, the good news is that leading cyber security solutions have succeeded in providing a timely solution, pardon the pun!
Leading data protection solutions have broken the requirement of time into three distinct actions:
-Rapid discovery of your structured and unstructured sensitive data
-Accurate classification of all the data discovered
-Automatic remediation/protection of all the classified structure and unstructured data
For this first part of three blogs, let’s take the first important and necessary initiative, that of rapid discovery of your structured and unstructured sensitive data.
The phrase “rapid discovery” refers to saving you time by being quick and easy. By automatically discovering both structured and unstructured sensitive data up to petabyte-levels, Leading data protection solutions save you time by quickly searching all of your data on premise, at all end points and in the cloud. We all know that your search time is related to your computing power coupled with the amount of data, number of locations and applications to search. The real time saving difference is the ease to provision the application and then set up and initiate that sensitive data search. A great solution provides that time savings with predefined data sets including regulations such as GDPR, SOX and CCPA. When coupled with an intuitive dash board as well as expert services and advice that the best data protection solutions provide, time is no longer our enemy when it comes to rapid discovery of structured and unstructured sensitive data.