Data Lifecycle Management
What is Data Lifecycle Management?
Data Lifecycle Management (DLM) is a process that helps organizations manage the flow of data throughout its lifecycle—from creation, to use, to sharing, archive and deletion. Tracking your data accurately throughout the information lifecycle is the foundation of a sensitive data protection strategy and helps you determine where to apply security controls.
Sensitive Data Lifecycle Management
Phase 1: Create
During the first phase, structured or unstructured data is created. It can be in the form of an MS Office 365 document, a PDF file, email, information in a database, or even images. Often in this phase, security classification occurs based on an enterprise data security policy.
Spirion gives you the ability to set up your data security policies and workflows from within a centralized console.
Its proprietary AnyFind® technology performs fast and accurate sensitive data discovery across your entire organization, including within images, on hosted and on-premise email servers, and cloud storage.
With a single click, you can search for any type of data, including personally identifiable information (PII data), protected health information (PHI data) and payment card industry (PCI data)—or, confidential information or intellectual property that is unique to your organization. When a file is created, it is instantly searched, automatically classified, and reported upon based on your sensitive data protection policy.
Phase 2: Store
Once a file is created, it is stored somewhere. At this point, you need to ensure that stored data is protected and the necessary data security controls have been implemented.
Spirion’s detailed reporting and powerful data remediation capabilities allow you to reduce your sensitive data footprint. You can perform data encryption, shred unneeded information, redact toxic data or quarantine files based on your data security best practices. You can optionally include your end users and data owners in these efforts by allowing them to perform sensitive data discovery and data remediation.
By effectively securing your sensitive data, you can reduce the risk of information leak and improve data privacy.
Phase 3: Use
Once a file is created, it is stored and then used. During this stage, data is viewed, processed, modified and saved. Here, security controls are applied to data at point of use. You need to be able to monitor user activity and apply security controls to ensure data leak prevention.
Sensitive Data Watcher™—a component of Spirion—provides always-on monitoring to control data in near real time. When a file is created, copied, edited, detached from an email, extracted from an archive, retrieved from cloud storage, or otherwise modified, it is instantly searched, and automatically classified and reported upon.
Phase 4: Share
Data is constantly being shared between employees, customers and partners, necessitating a strategy that continuously monitors data stores for new instances of sensitive data. Data moves among a variety of public and private storage locations, applications and operating environments, and is accessed by various data owners from different devices and platforms. That can happen at any stage of the data security lifecycle, which is why it’s important to apply the right security controls at the right time.
Spirion enables you to search everywhere, including within Windows, Mac OS X, Linux, emails servers, MS Office 365, images and websites. It uses both content and metadata to identify and classify sensitive data as it is created, modified or shared. Employees are notified about sensitive data in files so they can take appropriate action. Automated, persistent data classification ensures that no matter how many times data is moved, copied or shared, it is categorized and tagged automatically based on sensitivity and your information centric security policy, so you can prevent data loss.
Phase 5: Archive
At some point, data may leave active use and get archived. Once archived, it’s important that the data be both available and protected.
Spirion ensures that archived information is accurately classified. Its centralized management console arms you with detailed reporting and powerful data remediation features such as data encryption, shredding, redacting and quarantining of files.
Phase 6: Destroy
The volume of archived data inevitably grows, and while you may want to save all your data forever, that’s not feasible. Cost and compliance issues exert pressure to destroy data you no longer need.
To prevent data leak, you must ensure that you delete a file securely. Spirion Data Platform gives you the ability to automatically destroy files from a centralized console using a highly secure digital shredder, compliant with the United States Department of Defense Directive, which provides baseline standards for the protection of classified information. Spirion Data Platform uses multiple levels of deletion so that the sensitive data you delete cannot be recovered.
Ensuring the security of your data across its lifecycle can help you improve your enterprise data loss prevention strategy and help you comply with standards, including PCI-DSS and HIPAA.