Cybersecurity from the Inside: Protecting Structured, Unstructured, & Semi-structured Data

Data is everywhere, exploding, and growing exponentially. It’s structured. It’s semi-structured. It’s unstructured. It’s stored across different platforms, networks, systems, on premise and in the cloud. But, it all has one thing in common: data is data, and it all needs to be controlled and protected.

Data is critical intellectual property at the core of the business. Meanwhile, its volume – we’re talking exabytes here – has spiraled out of control and become unmanageable. The larger the organization, the greater the data sprawl, exacerbating the danger from internal and external threats such as social engineering, malicious activities, corporate espionage, theft, and even simple errors.

Who’s accessing your data? Should they be allowed to? You need systems in place that will protect it. You need intelligent solutions that can determine who can and has accessed structured, semi-structured, and unstructured data to ensure that unauthorized data breaches can be easily prevented and detected.

All companies should be able to do the following:

• Determine the data’s degree of sensitivity;
• Monitor who is actually accessing the data;
• Understand who can access which types of data, via what means, and within what parameters (time of day, department, devices, etc.);
• Detect unauthorized access in real-time;
• Track data access patterns;
• Automatically review, assign and authorize access;
• Perform forensics after the fact; and
• Achieve and maintain compliance with regulatory requirements. 

The latest Verizon and Symantec data breach investigation reports demonstrate that breaches are on the rise, especially the ones from within. Internal users are responsible for almost 60 percent of the data breaches, where 88 percent of these breaches involve privilege misuse. At the same time, the amount of data breaches amount have tripled year over year.

The key problem in every organization of any size is "data blindness.” Most IT security teams have no idea about how the data is being utilized, where the sensitive data resides, and who has access to it. Many IT security professionals don’t know where to start or what to do to get a handle on it because of volume and sprawl.

Meanwhile, the business side wants answers. Business users want to know who deleted their data. The auditors want to make sure that the company complies with the incredible volume of regulations operators need to fulfill, well beyond SOX and PCI.

To protect and govern data, you need to be able to answer the following questions:

• Where does the sensitive data reside?
• How do we classify data: content, metadata, or usage?
• How do we identify sensitive information like Personal Identity Information (PII) or credit card information (PCI)?
• Who is accessing what, in real time?
• Who has changed privileged groups’ membership?
• What user, machine, and data context is necessary to fully identify all actions?

Complete data access governance for enhanced cyber security requires that management, IT, and the auditors have complete visibility into users’ permissions across all the organizational applications. They must be able to easily identify over-exposed information inappropriately accessible to many, such as the CEO’s inbox.