Light Dark
October 1, 2018 By Benazeer Daruwalla 3 min read
Data Protection
Risk Management

We all know that data is the most valuable intangible asset for a digital business. As data continues to grow in volume, variety and velocity, organizations are forced to take a fresh look at their data management and protection practices. In fact, data protection is now front and center in how organizations manage business risks and protect business outcomes, particularly when it comes to unstructured data.

Data Is Changing, and So Should Your Organization

As data becomes more fluid, dynamic and distributed, so do the challenges around protecting it. IDC predicted that the amount of data created will grow exponentially over the next several years and reach 44 zettabytes by 2020.

What does this mean for your organization? According to Forrester, the average organization holds more than 100 TB of unstructured data within its data centers. Another Forrester report noted that sprawling network drives and SharePoint sites are among the top concerns. With this in mind, lack of ownership and governance of unmanaged file share and storage platforms imposes significant hidden risks to an organization’s critical assets.

Unlike traditional data stores such as databases, there is little to no control or predictability of the data in unstructured repositories because access permissions are amorphous and frequently change over time. At the same time, organizations have to deal with evolving compliance mandates, the skills shortage and the proliferation of security tools from an array of vendors.

How to Avoid Unstructured Data Blind Spots

While many organizations have acknowledged and realized the need for data protection strategies and implemented risk mitigation controls such as data loss prevention (DLP) and encryption, very few have taken a systematic approach that encompasses the protection of both structured and unstructured data repositories. Data security tools are often implemented in a siloed and ad hoc fashion, resulting in operational inefficiencies and data security blind spots.

However, this could soon change: According to Gartner, 40 percent of organizations will be consolidating and rationalizing data security solutions into centralized data-centric audit and protection (DCAP) tools by 2020 — significantly higher than the 5 percent that are doing so today. What’s more, the introduction of regulations such as the European Union (EU)’s General Data Protection Regulation (GDPR) and California’s impending Consumer Privacy Act are also forcing organizations to take a holistic look at their data protection programs and expand their scope to unstructured repositories such as files shares.

As these pressures mount, organizations should consider the following five key security and compliance actions to reduce potential blind spots:

  1. Understand your sensitive data footprint through automated file discovery and classification of file content.
  2. Implement intelligent access management by analyzing document metadata to understand the ownership, so the right owners have access to the right data.
  3. Apply out-of-the-box polices to monitor and detect anomalous or malicious file access patterns, then leverage the insights to use remediation controls such as encryption, isolation, archival and/or elimination of redundant and outdated data, and access that may lead to unnecessary business risk.
  4. Minimize compliance costs with automated, auditable reporting, so the right people can get the right reports at the right time, and avoid potential regulatory fines and unnecessary and time-consuming manual work.
  5. Collaborate and partner with a single data protection vendor for centralized visibility and control of all data assets, thereby eliminating the need for diverse vendor technologies, overcoming security blind spots and reducing operational challenges.

Why You Should Invest in Comprehensive Data Protection

The main motivation for an enterprise to invest in a robust cybersecurity program is to build resiliency and ensure continuous availability of its assets. Data protection is the last line of defense and often the most critical one as threat actors continuously develop new tactics to circumvent perimeter controls.

Organizations must ensure that they address data protection requirements in their entirety using discovery, classification and protection controls across all their data assets, irrespective of their type or where they reside. Remember: The highest number of data risks reside in places — such as unstructured data repositories — that are the most intuitive, yet the most ignored.

Explore Guardium Data Protection for Files

 |  |  |  |  | 
Benazeer Daruwalla
Executive Cybersecurity Advisor, IBM

More from Data Protection
November 2, 2023

Defense in depth: Layering your security coverage

2 min read - The more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet or a safe. This provides layers of protection for the things you really don’t want a thief to get their hands on. You tailor each item’s protection accordingly, depending on…

November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 25, 2023

Cost of a data breach: The evolving role of law enforcement

4 min read - If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breach? A decade ago, when smartphones were still relatively new and most people were still coming to understand the value of data both corporate-wide and personally, there was little incentive to report cyber crime. It was…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature