The Need for Data Centric Security

Written by

Remember when you only had one phone, and it only worked when you were actually in the office? Or when all the enterprise’s old files were stored in boxes off site? I do… although it does seem like a lifetime ago.

In today’s digitized environment, people and information are everywhere. Enterprise applications and storage are on the cloud, Bring Your Own Device is standard operating procedure and mobility is a way of life. The organization’s confidential data is no longer used only onsite, during specific hours and on clearly defined, stationery devices.

Where’s the data now? Who has it? Where is it located? Who is protecting it? In today’s mobile environment and decentralized workforce, data must be kept secure. Anywhere, anytime, whether it is at rest, in motion or in use, on the cloud, the network, within personal devices, etc. It is the age of data-centric security.

While the adoption of mobility and collaboration tools does increase productivity, it also carries new security challenges. How do you protect a piece of data once it leaves the person who created it? Can you guarantee it will not be copied, forwarded to a wrong person or edited without permission? Can you keep confidential files protected even in case of a data breach?

People are everywhere, and so is your data

In the past decade we have seen a tremendous improvement in enterprise collaboration. Tools such as SharePoint and other Office 365 tools, Google Apps, and DropBox, have created an increase in productivity. The evolution of enterprise CRM solutions has made it easier than ever to ensure that you never miss a business opportunity.

However, as the enterprise work environment is evolving, so is the threat landscape and related security needs. Cybersecurity threats are neck-in-neck against protection tools, and organizations need to ensure they stay many steps ahead, protecting their data at all times.

In addition, compliance and regulations are also keeping up with technology, now requiring persistent protection of data wherever it resides. As data owners, organisations are responsible for data protection of the data and fully accountable under the eyes of the law in many jurisdictions when the data is breached.

Enterprise security officers are learning to juggle these demands, as the age of data-centric security turns the security focus upside down.  Think of how secret recipes were protected—hand written with a single copy in a safe accessible by one or two people. We haven’t been there for decades—but the proliferation of devices and data-access locations makes us wish we were back to those times.

Data-centric security needs to be the new approach. It ensures the information in that recipe is always secure, especially in today’s business environment, where digital copies of documents are shared and accessed by different people, using multiple devices, in unknown locations.

What next?

Data-centric security is the newest critical layer in data protection. It dynamically protects confidential information and sensitive data in motion, in use, and at rest, anywhere, anytime, within any file, and across any device, inside the organization and out, and within email. Without it, once your data has left the building, it’s gone.

What’s hot on Infosecurity Magazine?