Story image

Exclusive: Five steps to a data-centric security strategy

18 May 2018

Article by Digital Guardian EMEA VP and GM Jan Van Vliet

For most organisations nowadays, the network – in its traditional sense – no longer exists. With the proliferation of connected devices, data is no longer confined to four walls. IT teams’ concerns need to shift from worrying about who or what enters the network to focusing on the data itself – where it’s going, who’s accessing it and how is it being used.

Here are five steps to get you started:

1. Understand your data

First things first. Understand what you’re dealing with. Get to grips with what data needs protecting and the level of protection it needs. Step one is discovering the data (regardless of where it resides). Step two is to determine appropriate categories. Step three is to identify the sensitivity of that data – and prioritise security efforts on the most sensitive data first. And step four is to outline policies and procedures that allow employees and others who come in contact with the organisation’s data to operate within the framework of compliance.

2. Practice continuous surveillance

Advanced attacks do not occur at a single point in time. Neither should your surveillance. To protect data effectively, an organisation must consistently and continuously monitor, identify and classify data as it is created or modified. Constant data surveillance signals that you are serious about data protection. Data protection is not a stand-alone task – it is an on-going journey.

3. Get DLP right

Data loss prevention (DLP) is a critical part of comprehensive data-centric security. However, effective DLP implementation requires active participation from the organisation; it is not a “set it and forget it” platform. Effective DLP requires a contextual understanding of three factors: what actions may be taken with data, by whom and under what circumstances. As new data is created and people come and go, these policies will need to be adapted and updated. DLP is a constant process of understanding your data and how users, systems, and events interact with that data to better protect it.

 4. It’s so much more than compliance….

Regulations such as the GDPR represent efforts to ensure that organisations are taking the right steps to protect sensitive data. But the protection of sensitive data is more than simply ticking the regulatory compliance box. Organisations should shift efforts towards expanding their objectives from simply focusing on the regulation aspect to protecting data from all threats. A data-centric security solution will tick both boxes.

5. It’s all about the context

Traditional DLP solutions focus solely on the actions of the insider and lack an awareness of external threats that target data. External threat actors aim to gain the access rights of an insider. Without threat intelligence and knowledge of unusual behaviours, DLP solutions are somewhat ineffective. It is paramount that the IT team is able to see, understand and stop external threats in action. A security product that protects data, without contextual awareness, will likely lead to data loss. Effective data protection requires organisations to understand and identify the root of an attack as fast as possible to prevent it from evolving and becoming a real problem.

Moving away from a traditional network focus to protect sensitive company data is undoubtedly the way forward in the age of digital transformation. With the perimeter now a borderless entity, IT teams must focus on protecting data, no matter where it travels or resides. Through a mixture of data classification, protection and threat intelligence, organisations can ensure greater protection of data at all times. 

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
Facebook fights fake news ahead of Africa elections
“We also show related articles from fact-checkers for more context and notify users if a story they have shared is rated as false.”
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.