Gibson, whose firm offers governance technology that focuses on unstructured data – which he claims accounts for around two-thirds of data in a typical large enterprise – says that 2011 was a turbulent year for data owners and next year will likely be no different.
To assist IT security professionals, Gibson has come up with four main predictions and strategies for 2012.
Firstly, he says, secure collaboration will go viral in 2012, which he predicts will be the year data owners take back access control decisions from IT, and demand automation to analyse data, make better decisions, and eliminate costly, ineffective manual processes.
“Just as organizations demand automation to understand their sales trends, customer base, financial habits, and other critical processes, they will demand automation to understand their data—where it should reside, who should have access to it, and how it’s used. Organizations will realize that continuing on the current path will have devastating results for their businesses – doing nothing is not an option any more”, he said.
Secondly, he predicts that big data analytics will expand its focus to the biggest data of all—unstructured information sitting on file servers, NAS devices, and in email systems.
“Effective data governance requires harnessing the power of metadata through intelligent automation. It is not surprising that industry experts are now saying that the same kind of automation is necessary for more than good governance”, he said.
In order to harness the power of big data, Gibson adds that you will need to analyse and look for patterns in how and when these massive amounts of data are used, who uses it, in what sequence, and what it contains in order to effectively run a data-driven organization.
Thirdly, the Varonis director predicts, we will see some IT departments taking drastic measures, such as shutting down ‘at risk’ servers or access to e-mail if the proper audit trails are not in place.
“One organization we deal with has recently enforced a policy of – no visible audit trail, no email. Their iron rule is - if the auditing is not available in their email system they aren’t allowed to use email. So, in other words, if the communications can’t be traced and audited then they may shut down the email server. It hasn’t happened yet, but 2012 may be the year servers get shut down and email withdrawn if no audit trail of access activity exists”, he explained.
Finally, Gibson asserts that internal threats will still be a major worry for corporates in 2012 despite the demise of Wikileaks.
“When it comes to data loss, threats from inside the organisation have become as worrisome, if not more so, than those from outside. In many of the security breaches in 2011, employees or contractors were able to delete or download thousands of files without raising concerns because often no one was able to determine what sensitive data they had access to and secure it before information could be stolen, or view an audit trail of what they actually did access after the fact”, he said.
And, he added, they certainly did not hear any alarms go off while the breach was in progress, when access activity was unusual.
“Corporates will have to address this issue properly in 2012”, he notes.