Here are three quick tips to help protect sensitive data.
The main question is, how can real analysis and business goals be supported while also ensuring that your sensitive data is protected no matter what specific form it happens to take – files, streaming, structured, etc.?
Although the task might appear to be a daunting one, it is possible to address specific data protection issued using a focused practical approach that can offer concrete benefits for the near term. Protecting sensitive information from those who don’t have a right to see it -whether that happens to be the eyes of a trusted partner, a contractor or someone within the organization – is an achievable and reasonable goal to have. So let’s break this issue down by providing three quick tips.
1. Discover sensitive date and understand it.
Ask 5 colleagues of your what data records are considered as payment card information and most likely you will be given 5 different answers. Before you roll out a data protection strategy for your enterprise, a cross functional team should be formed to determine what is considered to be sensitive data and what needs to be protected.
All data is not high risk. There have been many failures based on the fact that the distributed data landscape was not well understood or where sensitive data is located. Remember that sensitive data gets shared and duplicated with third parties such as vendors and business partners and across both non-production and production systems.
2. Monitor data activity and audit it without slowing performance down.
When data activity is monitored and audited it will provide you with complete insight into all data transactions and their whos, whats, whens and hows. When you have complete access history, it allows you to understand application and data access patterns as well as the ability to respond in real time to suspicious activity, enforce your data change controls and prevent data leakage.
The best monitoring solutions also offer automated complicated reports that are delivered on a scheduled basis. These should be distributed to oversight teams for escalation and electronic sign-offs. Remediation activities results should also be documented. Be wary of any solutions relying on native logging since they likely will inhibit instead of support you being able to do real time analytics.
3. Mask sensitive information within documents, analytics, reports, databases and applications.
Mask your sensitive information without data privacy being compromised.
Yes, that is correct. Data can be masked inside of analytics platforms without anything getting broken.
This technology is called semantic masking. It de-identifies data within context that is based on rules that ensure consistent and accurate results for analytics. What is valuable about semantic masking is its ability to retain usefulness of data while adhering to regulation and compliance requirements at the same time.
Here is an example scenario for us to explore. Semantically masked data has the same gender and symptoms but the ethnicity, family income and age are masked intelligently to a valid data point set and proper range. This results in privacy being protected while researchers still achieve valid results.
Every day 2.5 quintillion bytes of data is being created, so it is now time to obtain a thorough understanding of sensitive data and get business-driven security policies established in order to keep business, customer, personally identifiable information (PII) as well as other kinds of sensitive data safe. The foundation of successful data security strategies is focusing on discovering, auditing, monitoring and data masking. This piece by Barclay Simpson covers a lot of what’s important.
The bottom line is that with more and more analytics systems now storing sensitive data it increases the risk exponentially of there being a breach. With more data stores risk is far greater.