• Privacy Policy
Tuesday, March 21, 2023
Data Centre & Network News
ADVERTISEMENT
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact
No Result
View All Result
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact
No Result
View All Result
Data Centre & Network News
No Result
View All Result

The pervasiveness of data and data-centric security strategy

Beatrice by Beatrice
June 24, 2021
in Data, Security
4 0
0
Share on FacebookShare on Twitter

Regardless of what business you are in,  a data security breach is an increasingly likely scenario that all businesses must mitigate.  With escalating cybercrime, the widespread growth in Cloud computing, and the explosion in mobile devices and varying tech and app use amongst employees and partners; key aspects of enterprise security are now, and will forever be, beyond our control.

In fact, Gartner has forecasted that security and risk management spending worldwide will grow 12.4% to reach $150.4 billion in 2021. Even with that investment, the number of data breaches is increasing.

The pervasiveness of data and the complexity of the underlying environment continues to increase by orders of magnitude, and increased vulnerability around sensitive data is here to stay for all businesses. But for CISOs, is it merely a question of continually bolstering an organization’s core defenses—the systems, applications, devices and networks that enclose data?

The fact is that with more apps, more data, more networks, and more logins than ever before, sensitive data may be at risk out of sight and beyond the reach of security teams. Gaps in security policy and process will always exist and a policy of ‘building walls’ with strong perimeter-based security, authentication, encryption and more will sometimes fail.

The Four Key Gaps In Information Security Architecture

There are four key gaps in information security architecture that revolve around employee and external partner behaviours, and can only be remedied with data-centric security practice (and by engendering a solid security culture within the business). For CISOs these pain points pose serious risks in terms of maintaining compliance and can create a reactionary environment of playing continual catch-up.

The Behaviour Gap: Usability poses a major challenge to CISOs. People simply want to find the fastest, most convenient way of doing something. In fact, human error is still the number 1 cause of data breaches in 2021. Sensitive files will be added to USBs or data copied to unsecured documents, secure FTP servers may be bypassed, and people may not always adopt the security processes in place.

The Visibility Gap: Sensitive data travels. Average employees send emails in their tens of thousands per year and many receive files they were not meant to see. IT Governance lists a staggering number of serious enterprise data breaches in March 2021 alone.

Who accesses data once it’s shared beyond a business’s devices, networks, and applications and how it is used is beyond your control and lies outside of your monitoring, auditing, and tracking technologies.

Where files and data are shared outside your organization, the nature of the information within them cannot be tracked or audited once it leaves your server.

The Control Gap: Lost files or leaked information can go beyond an organizations control. Identity and Access Management, Mobile Device Management and Data Loss Prevention (DLP) systems, all help to monitor and control employee access to data. But data that leaves the systems and networks within your sphere of influence is effectively out of your control.

Lost or leaked information can bear serious consequences with no way to shut down the information once leaked, and potential violations that must be reported with implications around compliance.

The Response Time Gap: There is a time lag between uptake of a new application or behavior and the ability of CISOs to understand and respond. It’s what puts security teams into reactionary mode and can take weeks or months to identify, during which time you don’t know what’s happening with sensitive information.

Technology changes quickly and in many organizations employees bring their own devices, applications, and expectations of how to work. Departments purchase applications and devices, which in turn generate more sensitive, proprietary information.

In the rush to get business done, security is often left to play catch-up and security breaches may be the unintended consequences of this gap.

Security needs to operate at the speed of business, with flexibility to adapt to the unknown. Your Response Time Gap may be measured in days, weeks, months, or quarters. The longer it is, the greater the risk of people taking measures into their own hands, or of sensitive data going untracked into new applications.

Closing the Data Security Gap with Data-Centric Security Strategies

Collaboration, innovation, partnerships, and business development are the behaviours that drive business growth and all are dependent on trusted exchanges of vital information.

When these new unforeseen breaches take place, CISOs must respond by evolving from infrastructure-centric security measures with multiple layers of defence, to data-centric approaches that protect what really matters: the data itself.

Data Loss Prevention (DLP) solutions, data encryption solutions and Digital Rights Management (DRM) tools often take a limited view of the data to be protected, for example files on a server or emails leaving the network, and they still depend on the idea of walls—systems, devices or networks that enclose data.

Businesses need to be able to guarantee file-level security—to secure, track and share any kind of data, no matter where it’s stored or located, with robust policy enforcement, strong encryption, and strict access controls. Data-centric security solutions also enable employees to collaborate freely while ensuring a high level of security and visibility, and even revoke access to sensitive data that has been shared by email mistakenly. Further, by adding a cloud-based tether, access to data can be managed with access rights and the data decrypted if the person is approved.

Data is the lifeblood of business and, by locking it down too tightly, business slows down and potentially diminishes its value. CISOs should adopt a data-centric security solution that secures sensitive data through its entire life cycle; everywhere it travels, no matter who has it or where it’s stored. By adding in this additional layer of security, data is protected in motion, in use, or at rest, inside or outside the organization.

Written by Adam Strange, Global Marketing Director at Titus. 

Tags: Cloud computingcybercrimedatafeaturedSecuritystrategyTitus
Share2Tweet1Share

Related Posts

virtualDCS signs agreement with Seagate

virtualDCS signs agreement with Seagate

March 20, 2023
37
Lenovo storage innovation drives record growth

Lenovo storage innovation drives record growth

March 17, 2023
52
New security platform to fight AI-based cyber attacks

New security platform to fight AI-based cyber attacks

March 16, 2023
78
Jane Frankland takes up advisory role at e2e-assure

Jane Frankland takes up advisory role at e2e-assure

March 10, 2023
44
New group formed to overcome attacks against data centres

New group formed to overcome attacks against data centres

March 10, 2023
70
Edgegap’s fleet manager now available to Alibaba Cloud clients

Edgegap’s fleet manager now available to Alibaba Cloud clients

March 6, 2023
69
Next Post
York fulfils responsibility to protect constituents’ cloud data with new solution

York fulfils responsibility to protect constituents’ cloud data with new solution

Global Technical Realty agrees first UK data centre facility

Global Technical Realty agrees first UK data centre facility

ADVERTISEMENT
nLighten signs Letter of Intent with City of Eschborn
Data Centres

nLighten signs Letter of Intent with City of Eschborn

March 21, 2023
32
Datum Datacentres wins Megabuyte award
News

Datum Datacentres wins Megabuyte award

March 21, 2023
32

Head office & Accounts:
Suite 14, 6-8 Revenge Road, Lordswood
Kent ME5 8UD
T: +44 (0)1634 673163
F: +44 (0)1634 673173

Data Centres

nLighten signs Letter of Intent with City of Eschborn

March 21, 2023
32
News

Datum Datacentres wins Megabuyte award

March 21, 2023
32
  • Privacy Policy

© 2023 All Things Media Ltd.

No Result
View All Result
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact

© 2023 All Things Media Ltd.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Cleantalk Pixel
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.