Allan Thompson is Executive Vice President, Operations, for Dataguise, a provider of enterprise security intelligence solutions.
ALLAN THOMPSONDataguise
No matter how you slice it, security is about information, with the tastiest piece of the pie being the protection of an organization’s critical data. But there is another slice that IT decision-makers need to have on their plate, and that’s how to leverage information about sensitive data in their enterprise to provide the security intelligence they need to make smart data risk management decisions.
It’s this second part that continues to emerge as a critical element of securing the enterprise. Organizations are looking to leverage everything from mobile user location data to on-line consumer buying behavior in the quest to improve business processes and enhance profitability. In the process, they need to ensure sensitive information does not fall into the wrong hands. With accurate intelligence on the sensitive data they use in their environment, companies can take a more comprehensive approach to security based on a complete view of their sensitive data risk posture.
Evolution of data science
In recent reports on the topic of enterprise security intelligence, experts dub this an area expected to evolve in the years ahead to include among its elements the correlation of information from disparate technologies such as Web application firewalls and application security testing solutions, as well as technologies such as database activity monitoring (DAM), data masking and identity management.
Integration between these various technologies and the data that comes from them is a key requirement of such an approach. According to one analyst focused on ESI: “the current disjointed approach to security - which essentially limits security analysis to reviews of monitors' logs and scanners' reports — is marked by the lack of knowledge management, analytics and planning capabilities.” Such a siloed approach to security, where multiple products are working in isolation, is an enemy to the comprehensive security strategy enterprises need to protect their data.
But security intelligence does not just mean gathering log data. It also requires knowing what – and where – your sensitive information is. In April, the Texas Comptroller’s office disclosed that social security numbers, addresses and other information belonging to millions of Texans had been left unencrypted and exposed on a server accessible to the public. Between the cost of notification, investigation and reputation damage organizations can face in these cases, the importance of having a clear view of where the information that constitutes your organization’s “crown jewels” resides should be clear.
Roles are Important, Too
However, a truly comprehensive approach to security must also take into account the roles and responsibilities of the people accessing data. For example, does employee X need to have actual customer data in order to do his or her job? Enforcing such “least privilege” policies as to who can access sensitive data is critical for guarding against a data breach by a rogue employee – the person who, either because of discontent, impending termination or simple greed is looking to steal corporate data.
To be sure, this drive to draw business value from data goes well beyond security. It can be seen in the efforts by vendors to help organizations use analytics to make better business decisions. And just like a business intelligence vendor whose software enables an insurance company to use customer information to determine risk, the security vendors that enable organizations to make decisions based on enterprise-wide intelligence will be in the best position to help organizations secure their data.
