Why Securing Unstructured Data Is Becoming a Strategic Priority

By Chris Preimesberger  |  Posted 2014-05-29 Print this article Print

It may be a surprise to some people, but enterprises lose control of entire petabytes of data on a fairly regular basis. More than 80 percent of organizational data is unstructured and resides everywhere: file servers, NAS, SAN, portals, mailboxes, the cloud, the data center—you name it. Companies of all sizes need to understand who can access which types of data, via what means and within what parameters (time of day, department, etc.). They need to be able to determine what data is sensitive, monitor who is accessing it, automatically track data access patterns, and assign and authorize access. Reducing or eliminating social engineering, malicious activities, corporate espionage, theft and even simple errors prevents data and reputation loss and reduces corporate and individual liability. No one wants to be fired for leaving data unprotected. This eWEEK slide show, which highlights 10 reasons IT managers need to implement secure data governance for unstructured data, is put together with eWEEK reporting with industry perspective from Maor Goldberg, CEO of Whitebox Security, which specializes in protecting and managing data.

  • Why Securing Unstructured Data Is Becoming a Strategic Priority

    by Chris Preimesberger
    1 - Why Securing Unstructured Data Is Becoming a Strategic Priority
  • Track-Sensitive Data

    What does sensitive information looks like? Where is it located? Who can access it? Organizational data stores are live organisms in which information is constantly being added, duplicated, edited and deleted. Awareness of the different types and locations of sensitive data and who has and who should have access is complicated—and critical.
    2 - Track-Sensitive Data
  • Identify Delegate Responsibilities and Data Owners

    IT departments struggle to manage exponentially increasing amounts of data and must delegate some aspects of its management. Security departments have no clue as to who should have access to folders because there are often millions of them.
    3 - Identify Delegate Responsibilities and Data Owners
  • Increase Efficiency of Access Request Management

    The IT department of an average small and midsize business (SMB) carries out hundreds of access requests daily, usually processed via email or by phone. The massive amount of service requests makes the process impossible to oversee.
    4 - Increase Efficiency of Access Request Management
  • Streamline Access Reviews

    Organizations must continually review entitlements across applications and platforms to ensure access is actually needed and to remove excess entitlements. Collecting and analyzing millions of entitlements across many platforms and managing the review are an enormous challenge. However, studies have shown a dramatic decrease of nearly 30 percent in the number of entitlements after the first review.
    5 - Streamline Access Reviews
  • Find Out Who Is Doing What, Where, When and How

    It's crucial to understand and gain transparency into the following: Who is accessing sensitive information? How are they using it? Who is deviating from the organizational policies? Answering these questions is a major step toward securing organizational data stores.
    6 - Find Out Who Is Doing What, Where, When and How
  • Discover Who Can Do What

    Looking at the big picture of granted entitlements across the enterprise is vital to accurately estimate potential exposure and risk factors. Having entitlements information from millions of files, folders, mailboxes, sites, and homegrown applications centralized and analyzed, can easily answer important questions, for example, on the types of information accessible to specific audiences (IT, domain administrators, etc.)
    7 - Discover Who Can Do What
  • Achieve Real-Time Protection

    Because the number of security breaches and information thefts are on the rise, just knowing who is doing what is not adequate. Defining real-time policies based on various user, machine and information attributes dramatically increases the odds of preventing information leaks and the damages that comes with it.
    8 - Achieve Real-Time Protection
  • Reduce Capital and Operational Costs

    High-end enterprise storage is a major expense in every organization's IT budget. Despite the decrease in the cost per gigabyte, the sheer increase in the consumption of the organizational storage makes it a real concern. The ever-expanding increase of storage also raises the manpower needed for management. Using crowd-sourcing to determine ownership and stale permissions quickly accelerates ROI of deployment, implementation, and maintenance of securing and governing unstructured data.
    9 - Reduce Capital and Operational Costs
  • Enhance Compliance

    Compliance is an ongoing process, not a single point in time. Organizations must comply with Sarbanes-Oxley, Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), ISO 27001/2, ISO 27799 and other regulations, and be able to perform forensics and active discovery.
    10 - Enhance Compliance
  • Strengthen Overall Security

    Until you know what data is sensitive, who is accessing it, how, when and from what devices, you cannot protect it fully. Hackers are clever and determined; they've penetrated some of the largest companies, banks and governments. They want your information. Even if it isn't valuable to them personally, it certainly has a value on the open market.
    11 - Strengthen Overall Security

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel