New techniques to deal with data breaches [Q&A]
It's easy to think of data breaches as being someone else's problem, until you're affected by one yourself. Because breaches can involve large volumes of data, dealing with one can be a lot of work.
Can new techniques in capturing and storing data help to ease the burden on IT teams and even help prevent breaches in the first place? We spoke to Perry Dickau, director of product management from data-aware storage provider DataGravity to find out.
BN: How can better data storage techniques help with visibility into security issues?
PD: Most companies don't even know what’s in their data, so they can't ensure adequate protection is in place -- it's that simple. Files containing sensitive information -- such as intellectual property, customer identification numbers, tax audit or financial data, or Social Security or credit card numbers -- are often mistakenly saved to public servers, rendering them vulnerable to an external threat or internal management issue. For example, if you left diamond jewelry sitting in plain view of a window and then left home for the weekend, you'd be making a thief's job easy. Just having your internal storage 'house' in order can go a long way toward mitigating potential breaches and the subsequent fallout. And, while the threat of a data breach is always looming, regulatory compliance violations can spark fines and industry-specific security issues.
BN: What is 'data-aware' technology?
PD: Traditionally, storage is seen and treated as a stagnant box in your data center where information would rest and usually fade into long periods of inactivity. It didn't matter if stored data contained information that could improve your business or compliance violations that could wreak havoc during a tax audit.
Storage of that type doesn’t have a place in today’s data-driven IT landscape. You need to ask critical questions of your data to adequately manage sensitive information. For example, "Where is our sensitive data?" "What happened to our misplaced files?" "Can we detect a breach based on suspicious user activity?" "Are we wasting our storage budget by saving and protecting the wrong files?" Data-aware technology can answer, even raise, those questions for you. If your storage is data-aware, it's collecting insights and giving you unprecedented risk awareness, allowing your team to collaborate and become more productive. It also illuminates how your IT budget should shift.
BN: Is data-awareness limited to storage?
PD: Not at all. Data awareness manifests differently throughout the IT stack. Storage has come a long way, but new breakthroughs are also taking place in networking, applications, data migration and endpoint security. Palo Alto Networks, Informatica and similar companies are pioneering the data-aware charge, as well. It will take time and collaboration between vendors, analysts, investors, partners and end users before the entire enterprise ecosystem can become fully data-aware, but given today's headlines about high-profile hacks and data leaks, the need couldn't be more dire.
BN: Isn't there an increased cost and complexity involved in keeping all the data needed to understand and fix security issues?
PD: Not when those data insights are being gathered, identified and recovered on a near-instant basis. If you can streamline your processes for storing, managing and securing sensitive data, and you can enhance employee productivity and collaboration in a holistic process, you're actually cutting costs. When you're data-aware, fixing security issues is more a matter of letting go of complexity than introducing new layers.
BN: Many businesses now have a mix of on-site, cloud and hybrid systems. How can they ensure data is protected at all levels?
PD: A popular myth is that security breaches usually result from third-party attacks, but your internal users actually pose the biggest security risk in any part of your system. The Ponemon Institute reports that 78 percent of breaches begin within an organization. The actions causing these issues aren’t always malicious – an employee might save a spreadsheet to a consumer-facing file share, or use a public Wi-Fi network without realizing the document contains customers' personally identifiable information (PII). You can combat these risks by employing security guidelines among your team members, conducting frequent audits to check the security status of your core on-premise data and setting up security alerts. Then, extend this protection to your hybrid and cloud networks by working with a channel partner who's an expert on the platform in question and understands the nuances of your industry.
BN: Is it possible to stay ahead of the hackers and stop a breach before it occurs?
PD: The best strategy to combat attacks by hackers is two-fold: first, confirm that sensitive data is in the appropriate location and is not exposed. Second, monitor your infrastructure for suspicious user activity and limit access rights to your sensitive data. In other words, ensure information is available to the people who should have it and protected from the people who should not. There's a reason Cisco Systems reported last year, "all organizations should assume they've been hacked." Cyber criminals' strategies are rapidly evolving, and sooner or later, your network will be compromised -- if it hasn't been already. You just need to take steps to ensure they won't reach your company's crown jewels once they've broken in.
BN: Does this help to guard against internal threats too?
PD: Yes. For example, if an employee is planning to leave the organization, she might begin transferring client information and intellectual property to personal data stores to take with her. Or, an employee might become frustrated at the company and attempt to delete critical files in an act of malice. Data-aware technology helps storage and security administrators pick up on these issues by quickly identifying anomalous activities, so teams can react and mitigate the risks and damage.
Image Credit: Sergey Nivens / Shutterstock