The industrial revolution began in the late 18th century and revolutionized the manufacturing process; in a similar manner, the digital revolution happening now is fundamentally changing the way that organizations conduct business. The Digital revolution is all about the digital transformation of how business is conducted in today’s connected world. By migrating data from paper archives to the digital world, businesses can now integrate and utilize relevant data in our day-to-day lives. It has nothing to do with the evolution of devices, it is all about integrating and utilizing intelligent data to make better decisions.
This data-driven way of doing business will be ever vigilant, always tracking, monitoring, listening, and watching as it continues to learn and evolve. So what does this have to do with the data? Data is at the heart of the digital revolution and is essentially the lifeblood of digital transformation. Organizations are collecting and amassing data more than ever before and using it to come up with sources of competitive advantage in the marketplace. While organizations continue to collect and use customer data to drive consistent and better customer experiences, consumers are embracing these personalized real-time engagements.
Customers expect instant gratification and access to products and services wherever they are, on any device and whatever type of connection. For instance, I use a well-known streaming service to watch my favorite shows and movies on my TV when I am home and on my iPad when I am traveling. I like the fact that the streaming service companies provide me with a unified viewing experience across all my devices, making recommendations based on past choices. Unlike some others, I am not worried about the company storing data about me and my habits. However, what I am worried about is how a company is storing and protecting my personal data and keeping it safe from a data breach.
A breach in the data collected and maintained by a streaming service may not cause much alarm due to the more benign consequence of its loss. However, unauthorized access to the data maintained by my insurance company, credit card company, and my doctor is something that should never happen. A data breach of this type of personal information can do irreparable harm. This is exactly the reason why governments across the world have stepped up and enacted laws, such as the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and Health Insurance Portability and Accountability Act of 1996 (HIPAA) to keep everyone’s personal data safe in the digital world. This type of data is what is commonly referred to as Personally Identifiable Data (PII) or sensitive data in the industry. Organizations can go bankrupt or face huge fines from the government if the sensitive data under their care is treated irresponsibly; this means that the companies must begin with knowing the specific type of data that is housed within the organization and where and how it is stored.
Typically, most sensitive data resided in relational databases, however, that is no longer the case. Sensitive data can now be contained within files, which might reside on file shares, user computers, and in NoSQL datalakes. In order to comply with privacy and industry regulations, organizations need to be able to effectively discover, classify, and understand the nature of the sensitive data across both structured and unstructured data silos.
To successfully prevent a sensitive data breach, organizations also need to know who, when, and how the sensitive data is being accessed in addition to knowing where the sensitive data resides. It essentially comes down to knowing and categorizing the permission hierarchy to the sensitive data, both structured and unstructured.
Structured Data
Structured data typically refers to data that is stored in relational or SQL databases. Some examples of relational databases include Oracle, SQL Server, PostgreSQL, etc., while Hadoop, MongoDB, and Couchbase are NoSQL databases. The data in relational databases can either be normalized or denormalized while maintaining a strict structure. Data stored in NoSQL databases can either be structured, semi-structured, unstructured or a combination of all three.
Both SQL and NoSQL databases can contain sensitive data. Examples of sensitive data include PII, PCI, and HIPAA type data. It is normal for organizations to have multiple databases with multiple tables containing sensitive data. The key requirement when it comes to sensitive data is being how to identify where and what type of sensitive data exists and how to secure it.
StealthAUDIT can scan Oracle, SQL, PostgreSQL, MySQL and MongoDB databases for sensitive data. The structured data scan engine comes with not only numerous pre-defined sensitive data search criteria but also provides support for user-defined criteria.
Unstructured Data
Unstructured data refers to sensitive data stored in a file format. Common examples include Word documents, PDF files, JPEG files, PowerPoint files, ASCII text files, etc. These files are commonly stored on both local and cloud-based file shares.
StealthAUDIT can scan both on-premises and cloud-based file shares, parse the files and identify and classify sensitive data. The unstructured data scan engine comes with numerous pre-defined sensitive data criteria while also supporting user-defined criteria. Remediation actions such as restricting access and quarantining files are supported through Action Modules. To learn more about how STEALTHbits can help with your sensitive data discovery and classification needs for both structured and unstructured data sources, visit our website: https://www.stealthbits.com/data-access-governance-solution.
Sujith Kumar has over 25 years of professional experience in the IT industry. Sujith has been extensively involved in designing and delivering innovative solutions for the Fortune 500 companies in the United States and across the globe for disaster recovery and high availability preparedness initiatives. Recently after leaving Quest Software/Dell after 19 years of service he was working at Cirro, Inc. focusing on database management and security. His main focus and area of interest is anything data related.
Sujith has a Master of Science in engineering degree from Texas A&M University and a Bachelor of Science in engineering degree from Bangalore University and has published several articles in referred journals and delivered presentations at several events.
Related Posts
- Using The Azure Information Protection (AIP) Scanner to Discover Sensitive Data
- Advanced Data Security Features for Azure SQL- Part 1: Data Discovery & Classification
- How to Protect Office 365 by Classifying Your Data with Microsoft’s AIP Labels
- 2019 Verizon DBIR Key Findings
- 5 Cybersecurity Trends for 2019
- EU GDPR: Paving the Way for New Privacy Laws?
- Announcing Stealthbits Activity Monitor 3.0 & StealthINTERCEPT 5.1
- Key Take Aways from the Ponemon 2018 Cost of Insider Threats Report
- Where Real Organizations Are with EU GDPR 10 Days from Launch
- Stealthbits Cyber Kill Chain Attack Catalog: Active Directory Attacks and More
A very nice introduction on sensitive Data discovery. In addition to enabling users to classify data, the solution should monitor users’ folders to automatically analyze and classify data the moment it is created in, moved to, or modified within the folders.