Protecting data 'at rest' isn't protecting data

Register now

Given that data needs to be fluid in order for your business to function, your security strategy should be adaptable to include solutions that are also dynamic like a data-centric strategy.

This kind of strategy is more important than ever given facts like this one: Verizon states that the time it takes cybercriminals to compromise a system is minutes or even seconds, while 68% of breaches take months or longer to discover.

Unlike traditional methods that focus on every little detail of your infrastructure and then miss the bigger picture, data-centric solutions prioritize datasets to protect the data itself. This means that it goes above and beyond simply protecting data that’s at rest and can keep it safe wherever it goes.
This means that your data has already been compromised by the time those slow-as-molasses tools finally pinpoint the problem. There’s no mitigation at that point, instead you’re left with crisis management and lost data that can never be retrieved from the hands of the criminals who stole it.

It can be difficult moving on from something that you’ve already poured resources into, but classic encryption is a sure-fire path to a pitfall. Encryption keys can be stolen, they aren’t often properly secured (the same key might be used to protect all company data), and team members often forget about changing the key periodically in the same way that people get lazy about changing their passwords.

Look no further than the Marriott-Starwood big data breach in which 500 million guests were victims of stolen information over a period of four years. The data was indeed encrypted but the company couldn’t rule out that the attackers didn’t steal its encryption keys along with the data.

Of course, like any security solution, not all that claim to be data-centric are designed for the demands of a big data. To find one that truly fits, you need to look for scalability, high performance, high availability, and flexibility. Furthermore, your strategy should involve support for multi-cloud and hybrid environments, along with native and API-based integration (read: it should be easily adaptable).

You’ve got so much data now and chances are you can barely keep up with it. Even worse, your current security solutions aren’t doing a whole lot to protect it. That’s a big problem because your business needs that data in order to thrive in this ever-evolving digital landscape. Instead of letting record-breaking headlines about big data breaches scare you away from your business goals, consider switching up your current methods of data protection in favor of a data-centric strategy.

For reprint and licensing requests for this article, click here.
Data breaches Payment fraud Security risk ISO and agent