Permissions management is also critical, especially in organizations as large as communications service providers, where users frequently change roles. The accounts receivable clerk who got promoted to marketing sales rep should no longer have access to credit card information. Enhanced permission management, combined with data classification, adds an additional level of compliance control and security by ensuring that only certain roles are allowed to read or modify information like credit cards. Permissions management also entails keeping track of who reviewed, approved, and revoked access. Being able to tie granted access to those who approved it is critical for security investigations as well as compliance audits.
Real-time protection is the ideal; you need to be able to identify violations of organizational access policies, and who committed them, as they happen. Time is of the essence when dealing with data protection; the access policy solution must identify violations and respond to them in real time.
Operators are awash in structured, unstructured, and semi-structured data, whether in SAP or Oracle systems, homegrown billing solutions, roaming systems, reporting systems, or other support systems. They need to report to multiple local, regional, and national government regulators, financial regulators, and industry standards associations, among others. Audit and discovery expenses can escalate into the millions of dollars. Compliance should be an integral part of every data access governance and cybersecurity system, making it easy to create reports, generate information about activities in real time, and perform forensics to ensure that everything has been done as it is supposed to have been – and to have a clear audit trail when it wasn’t.
Compliance for strengthening cybersecurity needs to occur on an ongoing basis. Companies shouldn’t focus on reporting and then become lax on enforcement. Compliance itself should not be a focus of cybersecurity; it should be the natural consequence of ongoing cybersecurity activities. Real-time monitoring is key, as it allows you to catch any breaches immediately and stop them. Systems also need to be in place to address any breaches immediately, for both data loss control and public damage control. To do this you should:
The benefits of an active system are numerous. Such a system tracks sensitive data. Organizational data stores such as file servers, NAS devices and SharePoint portals store tens of millions of files. Information is constantly being added, duplicated, edited, and very rarely deleted. An active system helps identify data owners and delegate responsibilities. Data owners are usually the creators of the information; they know who should have access to it. They also have the motivation to take an active part in protecting it. Active systems streamline compliance with access request management, access reviews, and compliance controls. The more control IT has over who is accessing the information, the better.