Data security is a major issue for any company that has valuable information to protect. Breaches of that data can cost an organization dearly in the form of business disruption, loss of revenue, fines, lawsuits, and perhaps worst of all, the loss of trust between the organization and its customers and partners. But the challenge of securing all that data is daunting. It’s easy to lose sight of the fact that some small changes can have a major impact. Just as a journey of a thousand miles starts with one step, you have to break it down. The pragmatic approach to data security is to focus on the highest risk areas that can be solved with the least amount of effort. So, where do you start?
Let’s start by looking at some facts.
- 95% of the Fortune 1000 use Active Directory (Microsoft).
- 80% of data is unstructured data (CSC).
- Authentication-based attacks factored into four of every five breaches involving hacking (Verizon DBIR).
Even if you extend beyond the Fortune 1000, Active Directory is the clear market leader in the directory services space. Active Directory is the keys to the kingdom as the authentication and authorization hub of virtually every organization’s IT infrastructure. Given that 80% of the data within any organization resides in an unstructured form on File Shares, SharePoint Sites, and laptops, the vast majority of an organization’s data is secured by Active Directory. So it’s no wonder that four of every five breaches involving hacking leveraged techniques to compromise Active Directory itself. So, again, where do you start? Start with Active Directory and your unstructured data. By following the four pragmatic best practices for data security laid out in these two blogs, organizations can quickly reduce the risk of data breaches and all their disastrous consequences.
Pragmatic Data Security Best Practice #1: Close Down Open Access
There are some legitimate reasons why every single person in your organization should have access to a resource. But those reasons are few and far between. Understanding where open-access conditions exist and remediating them can have an immediate and dramatic effect on your organization’s security posture. Reducing open access also reduces your risk exposure by enforcing least privilege access concepts. And when you take the process a step further by assigning data custodians and performing regular entitlement reviews, this also enables IT to transfer the accountability for data to the data owners themselves.
In part two of this blog, we’ll dive deeper into the next 3 best practices and how they reduce the risk of data breaches.