data, which does not have a defined data for- mat, such as a database. While the most com- mon type of unstructured data is text, it can also include pictures, audio, video, website, network and application logs, social media, medical records, financial transactions, and sensor data from Internet-of-Things (IoT) devices, among other data types.
Unstructured data comprises about 80 percent of an organization’s data. It is the fastest growing, least controlled type of data–and it’s a highly valued asset within the enterprise. The dilemma for security profes- sionals is how they can effectively manage the huge volumes of unstructured data that are shared across all types of documents and formats and spread internally and externally.
Six Strategies for Securing Your Data
Security professionals need to take a radical- ly different security approach to safeguard unstructured data and address the realities of data sharing in today’s enterprise. Follow- ing are six key strategies:
Expand your coverage protection. To prevent security breaches before sensitive information becomes exposed, you have to make sure that you’re covering what’s impor-
tant. But that is often easier said than done in today’s cloud-first environment. The best way to tackle that challenge is to take the zero trust approach and protect all data by default, instead of relying on users to accu- rately identify what’s important. Zero trust is also a much easier approach, allowing se- curity professionals to simply release specific files that don’t need protection.
Consider the context. You can use con- textual information, such as the requestor’s location, device or content of the data to de- termine the level of security that is needed. For example, it is more likely that confiden- tial information will be created by an organi- zation’s executives rather than those on the front lines. By using context-based security, the most sensitive and timely data, such as financial reports from an ERP system, can be classified and protected automatically.
Don’t overlook internal threats. It was easier when security professionals knew that breaches were only coming from ex- ternal sources. Now, that’s no longer the case. Up to 43 percent of data breaches are caused by insiders. Disgruntled employees, collaboration, and inadvertent sharing can lead to security breaches and the spread of confidential information. Internal threats
also include events such as phishing, mal- ware on devices, using devices in unsecured public networks, downloading unauthorized applications, and more. To be effective, to- day’s security procedures must treat internal threats with the same level of importance as external threats.
Don’t depend on people. Given the re- alities of human behavior, security measures that depend on people to do things typically fail. This is especially true for security since it’s usually not in the best interest of the user to make data harder to access. Whether people forget, are too busy, make a mistake, or it’s just an oversight, it’s too easy for con- fidential information to go unprotected. Au- tomate security in a way that is seamless to end-users, so they don’t try to circumvent it. Look for solutions that automatically protect data regardless of how it moves from place to place. Agnostic solutions should not care if the data is sent or stored in email, a mes- saging app, a public cloud, or a file server.
Use encryption. Security solutions encrypt data so users without permission cannot ac- cess it. Today’s encryption standards are very effective. AES256, for example, meets the requirements for “Top Secret” classified in- formation. Encryption should be automatic and the process invisible to users. Don’t force them to enter passwords or to manually apply encryption before sharing files because it be- comes too difficult and often fails. Make sure the encryption protects the data at all phases: at rest, in transit, and in use.
Follow the content – derivative works. Because enterprise users typically re-use and share information, security professionals need to make sure that they are protecting derivative works no matter what form the data takes throughout its lifecycle. For ex- ample, if a user copies sensitive information exported from a financial ERP system from a spreadsheet into a presentation, it should still be protected. This requires that data be tracked and followed throughout its lifecycle because it’s content that is really the impor- tant asset, not a particular file.
When it comes to security, we’ve entered a brave new world. The old rules of depend- ing on the perimeter and focusing on external breaches no longer apply. Those companies that take a zero trust data-centric approach and adopt the cloud-first mindset of securing their data everywhere and at all times, will be in compliance, be more productive and effec- tively protect one of their
most valuable assets–the
proprietary data that lies
at the heart of their com-
petitive advantage.
Jeff Capone is co-founder and CEO of SecureCircle.
0418 | SECURITY TODAY
DIGITAL SECURITY
solution you specifically need.
www.dortronics.com • 1.800.906.0137
Intelligent Interlock Door Solutions
Dortronics offers all of the intelligent interlocking door components you need for virtually any application from 2 to 100+ doors. Our comprehensive portfolio includes our leading line of 4000 Series Interlocks and Mantrap Controllers, control panels, actuators, pushbuttons and switches, LED indicators, exit alarms, magnetic locks and power distribution products. All available from stock or customized to ensure you get the comprehensive interlock door
Proudly made in the USA
40
Go to sp.hotims.com and enter 40 for product information.
Lindsay,
From simple 2 door mantrap and sally ports to complex multi-door interlock solutions – Dortronics
has it all covered.
— Bryan