It’s 12 O’Clock – Do You Know Where Your Data Is?

Featured article by Scott Masson, VP Product Management, TITUS

It’s estimated that 90 percent of the world’s data has been created in the last two years. Data is flowing in a virtual avalanche that will likely only continue in volume and speed. It flows between colleagues and work groups and among the proliferation of network and cloud repositories. The ease and convenience of data sharing today means that your sensitive data could be anywhere. Collaboration is a pivotal component of business, but it must be tempered by the need for data protection.

Back in the good old days—not that long ago, actually—there was no such thing as a digital file. Someone typed up a document on a typewriter, perhaps photocopied it a few times, but it was easier to trace and control. Today, the reality of information sharing paints a vastly more complicated picture.

These days, an employee—let’s call her Susan—creates a draft, sends it around to a few people for an initial review and then incorporates their feedback into the next version. From there, she finalizes the draft and sends it to the boss for review. She then sends the completed revision to its final audience via email, posts it in SharePoint or saves it to a network drive (among numerous other options). And what about the other people with whom she shared it? Did they download their own copies to save their changes? Did they send it to someone else within the company to get further input? Did someone save it to the Cloud to read at home later? The document that started as a single file may now exist in many places. It’s obvious how quickly a data footprint expands.

Saving a document to the Cloud is an example of the external factors impacting this data. Options for data storage are expanding, with cloud storage becoming more common, and the costs to store data rapidly decreasing. Combined, this means that everyone has cheaper and easier access to huge data storage locations.

As for the document Susan created, did it contain sensitive information? Did she include intellectual property (IP) in it? Personally identifiable information (PII) or health information (PHI)? A coworker might be able to guess by the file name, but the point is that you never want to have to guess – and you certainly don’t want highly sensitive information breached. Many CISOs will tell you that one of their biggest data concerns is how little they understand their full data footprint – what data they have, where it is and who has access to it.

Keep Data Working for You – Not Against You

Data is a treasure that can turn on you. Analyst wrote in the recent Forrester report, Know Your Data to Create Actionable Policy, that“Data is a valuable asset that morphs into a liability when improperly handled.” The analyst firm went on to recommend using tools to help discover data so that it can be properly identified and classified, saying that applying identity and tagging data packets with identity attributes allows users “to determine the business criticality of any piece of data and thereby protect it more effectively…Data creators can use classification tools to tag data” appropriately.

As you vet data classification solutions, look for those that match with your organization’s requirements for:

– Securing files by automatically encrypting them based on data sensitivity rules and on whether this additional layer of protection can be added based on the details of the file itself or its location.

– Finding and classifying the masses of data stored on premises or in the Cloud, including on network file sharing services.

– Regularly scheduling scans to classify files automatically based on factors like the file properties/attributes, content and/or metadata.

– Gathering file information during scans, including access controls, file properties and classification (pre- and post-scan) to determine what the data is, where it is and who has access to it.

– Finding and quarantining files stored inappropriately, flagging files for follow-up or taking action based on results of the scan. This may include updating security policies or re-educating your users on the treatment of sensitive data.

– Augmenting the ability of DLP, ERM and other security solutions to apply the appropriate controls based on classification.

– Optimizing data identification policies and data storage solutions, analyzing results to minimize data at risk and monitoring classification activities.

Data Classification in Action

In a world of non-stop data avalanche, organizations need solutions that can manage their data protection strategy in an automated, efficient manner that adhere to compliance regulations and lift some of the burden from IT’s shoulders. These solutions will help organizations find, classify and safeguard their unstructured data with confidence in their ability to share it securely as well. Better data loss prevention and peace of mind will be the result.

About the author:

Scott Masson brings over 16 years of professional experience in enterprise software to TITUS. Previously, Scott was the Business Unit Executive for the Cognos Business Intelligence product management team at IBM Corporation. He also worked for Environmental Systems Research Institute (ESRI), where he led their product management efforts to integrate GIS technologies into enterprise BI systems.