Article by Digital Guardian EMEA VP and GM Jan Van Vliet
For most organisations nowadays, the network – in its traditional sense – no longer exists. With the proliferation of connected devices, data is no longer confined to four walls. IT teams’ concerns need to shift from worrying about who or what enters the network to focusing on the data itself – where it’s going, who’s accessing it and how is it being used.
Here are five steps to get you started:
First things first. Understand what you’re dealing with. Get to grips with what data needs protecting and the level of protection it needs. Step one is discovering the data (regardless of where it resides). Step two is to determine appropriate categories. Step three is to identify the sensitivity of that data – and prioritise security efforts on the most sensitive data first. And step four is to outline policies and procedures that allow employees and others who come in contact with the organisation’s data to operate within the framework of compliance.
Advanced attacks do not occur at a single point in time. Neither should your surveillance. To protect data effectively, an organisation must consistently and continuously monitor, identify and classify data as it is created or modified. Constant data surveillance signals that you are serious about data protection. Data protection is not a stand-alone task – it is an on-going journey.
Data loss prevention (DLP) is a critical part of comprehensive data-centric security. However, effective DLP implementation requires active participation from the organisation; it is not a “set it and forget it” platform. Effective DLP requires a contextual understanding of three factors: what actions may be taken with data, by whom and under what circumstances. As new data is created and people come and go, these policies will need to be adapted and updated. DLP is a constant process of understanding your data and how users, systems, and events interact with that data to better protect it.
Regulations such as the GDPR represent efforts to ensure that organisations are taking the right steps to protect sensitive data. But the protection of sensitive data is more than simply ticking the regulatory compliance box. Organisations should shift efforts towards expanding their objectives from simply focusing on the regulation aspect to protecting data from all threats. A data-centric security solution will tick both boxes.
Traditional DLP solutions focus solely on the actions of the insider and lack an awareness of external threats that target data. External threat actors aim to gain the access rights of an insider. Without threat intelligence and knowledge of unusual behaviours, DLP solutions are somewhat ineffective. It is paramount that the IT team is able to see, understand and stop external threats in action. A security product that protects data, without contextual awareness, will likely lead to data loss. Effective data protection requires organisations to understand and identify the root of an attack as fast as possible to prevent it from evolving and becoming a real problem.
Moving away from a traditional network focus to protect sensitive company data is undoubtedly the way forward in the age of digital transformation. With the perimeter now a borderless entity, IT teams must focus on protecting data, no matter where it travels or resides. Through a mixture of data classification, protection and threat intelligence, organisations can ensure greater protection of data at all times.