Data Centric Audit and Protection (DCAP) is a term defined by Gartner back in 2017 in response to the weaknesses of the Data Security Governance practices at the time. At that time, data protection strategies focused on the security of the application, or storage system that contained the data. This focus led to a variety of technology-specific security tools which tended to be owned and managed by different teams within IT. This siloed approach to data security worked well as long as the data stayed in that system but failed to provide any protection when the
STEALTHbits has embraced this strategy and has evolved our products and features to help our customers implement a comprehensive DCAP security focus.
STEALTHbits can discover and classify data from the largest number of data sources in the market. From structured data repositories like major business applications and databases, to semi structured repositories like business productivity software to unstructured data sources like file shares and cloud storage services, STEALTHbits can discover and classify more types of business data than any other vendor. With this capability comes the ability to recognized sensitive data types that may deserve additional protection and control. Once you understanding where the data is located and whether it’s sensitive or not, you then need to understand who is accessing the data.
Data Activity Monitoring
Once STEALTHbits has located and classified your business data across all of your applications and storage, it can then provide detailed access and activity monitoring so you know who is using the data. Along with activity, STEALTHbits gathers details about how users have been granted access and can quickly identify unsafe “open access” conditions that could lead to sensitive data getting into the wrong hands. Another benefit of this access monitoring is that you can see if anyone is even using the data that is available. After all, why manage data that no one is using? This provides a great opportunity to archive off any unused data, thereby reducing the management overhead.
Once the types of data have been identified, and user access is understood, you can then start to make some decisions about restricting access to reduce risk and secure sensitive information.
The DCAP approach encourages IT teams to focus on the data, not on the underlying technology. IT is responsible for the installation, configuration and management of business applications, but who really understands the value and sensitivity of the data? The data owners, the people that created it and their managers in the lines of business. They are the ones who know if data is still relevant and needed by their teams. STEALTHbits enables IT to let the business owners decide who should have access. With automated periodic access and entitlement reviews, IT can get out of the middle and let the business leaders make decisions about what to keep and who should have access.
Embracing a DCAP approach requires shifting the focus away from a siloed security stance to a more business informed focus data access. For more information on how STEALTHbits can provide the tools necessary to achieve a DCAP focus, visit our website at www.stealthbits.com.
As the VP of Product Marketing, Darin is responsible for product messaging and positioning as well as generating industry and market awareness for STEALTHbits products. He is an experienced leader who has worked in software for over 21 years.
Prior to joining STEALTHbits, he was VP of Marketing for Quorum and SecureAuth, and has held positions in product management & product marketing at Oracle, and Quest Software.