Take control of enterprise data by hard coding its DNA
Persistent security controls provide invaluable data history in case of an accidental or malicious breach
By Tony Gauda, Special to ThirdCertainty
Data is widely regarded as a top asset for organizations. And for good reason. Enterprises analyze it to glean insights for making data-driven decisions; internet giants like Google and Facebook collect and sell data for profit; marketing departments leverage it to identify new customers and cultivate loyalty with existing ones; and federal agencies use it to track investigations for national security purposes. While the uses may vary, gaining a competitive edge is a unifying theme among organizations prioritizing data.
While data is an asset that should be tracked and managed throughout its entire life cycle, organizations aren’t doing so well given that instances of data breaches are at an all-time high. In 2016 alone, there were 980 breaches with nearly 35,233,317 records exposed. Unfortunately, the negative impact of a data breach can be extensive and costly. For instance, take the breach of the Office of Personnel Management (OPM).
Cyber criminals got away with confidential data associated with more than 21 million former and existing employees, including more than 19 million individuals that applied for security clearance. The breach also exposed Social Security numbers, military records, history of residence, demographic details, fingerprint records, information about immediate family members and more. And the cost to merely protect victims of the breach from identity theft was over $133 million.
Hackers aren’t only ones to blame
Whether it’s a malicious insider, careless employee behavior and/or malware, data is always at risk of being stolen. With insider threats, an existing or previous employee or partner with inside access may use legitimate corporate credentials to access and steal data for personal gain and/or to hurt the organization.
For example, Edward Snowden leaking NSA documents, the Booz Allen Hamilton contractor who was arrested for stealing classified computer code, or more recently, the alleged theft of Alphabet’s confidential files by a former employee.
But employees don’t need to be malicious to cause damage, which is why they are often regarded as the weakest link in enterprise security. It’s not uncommon for a well-meaning employee to unknowingly share files without permission, or open an attachment carrying dangerous malware. This has led cyber criminals to increasingly deploy advanced malware that circumvents traditional security defenses undetected to gain access to private networks and data.
Combat breaches with emerging technology
The constant threat of a data breach is a real one, and organizations across industries are going to have to change their way of thinking about cybersecurity and defense. Rather than focusing on investments in detection and prevention, organizations must apply persistent security controls to their data that enable IT to monitor and log all data interactions so that in the event of a breach, IT can perform investigations with complete historical context.
Data is a priority asset for businesses and cyber criminals. As such, organizations must have complete visibility into how data is used, stored and shared within the organization, regardless of where it resides and where it ends up. By wrapping files with a layer of protection hardcoded into the data’s DNA, emerging cybersecurity technology is able to provide visibility into the flow of data and empower organizations to control it wherever it goes.
More stories related to data security:
As threats multiply, more companies outsource security to MSSPs
When it comes to security, don’t give employee education short shrift
Managed security services help SMBs take aim at security threats