Most Organizations Fail to Protect Confidential Data: Report
In the modern era, Kessler noted, the traditional network perimeter is dead and it is exceedingly difficult to prevent bad actors from getting into an organization. The real question for Kessler is not about preventing attacks, but about reducing the attack surface and minimizing the risk from exploitation. "Having a policy-based approach that protects the data can significantly reduce the attack surface," Kessler said. "Using policy to determine who can see the data is something in which we believe." There are some challenges with implementing proper policies for data protection, a key one being the fact that many organizations simply do not know that policy-based access can be implemented in the first place, he said. Encryption also plays a role in data protection. There are multiple technology solutions to the problem; one of them is Vormetric's Data Firewall.The system has multiple layers such that the user could be granted access to see the metadata but not the complete data set. So if a user who is only authorized for metadata attempts to view privileged data, the privileged data is encrypted. The data firewall can also control what a user is able to do with data. For example, a root system user can be limited in terms of the actions that can be taken. "It's a very strong control that can reduce the attack surface," Kessler said. Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
"We have a data firewall that sits on top of the data and then talks to a policy manager," Kessler said. "If anyone tries to access data on the server, the firewall checks to see if the user has the policy access to be able to see the requested data."