Page 40 - index
P. 40
The best way to safeguard and protect data inside these permeable perimeters is to add a
data-centric approach – adding the security controls to protect data where it resides. This
entails:
Protecting data with encryption and limiting access to those who need it when they need it
Logging and monitoring who, what, when and where data is accessed and then analyzing
the information to spot potential compromises
This doesn’t mean you can forget about keeping your network and end point security at a
state of basic readiness. That would be like unlocking the doors and windows to your house
when you are away. But it does mean that emphasis and investments in IT security software
implementations needs to shift to data-centric protection.
Beyond your traditional enterprise perimeter, you also need to recognize that SaaS, big data
and cloud environments are now a reality – and that adjustments need to be made to
safeguard data used in these environments. Again, the solution is the same. Since your
perimeter has now “ballooned” out to include external applications and environments not
inside of your perimeter, take a data-centric approach to protecting your organization from
threats in these environments. In fact, data-centric security can enable organizations to
make full use of cloud and big data environments – taking advantage of the efficiency, cost-
effectiveness and business advantages they offer.
Strategy needs to be adapted to meet these changing circumstances.
When choosing solutions to these problems, selection should hinge on a few critical points:
Coverage: Should address as many use cases as possible with a single platform across
your entire IT environment, including; OS platforms, data centers, big data implementations
and cloud environments
Scalability: Make sure security solutions can scale, and encrypt without affecting application
performance
Simplicity: Implementation should be simple, easily implemented and managed as well as
capable of integration with existing security, deployment and management tools
Conclusion
Organizations need to do more to deal with insider threats that range from employee and
contractor misuse, to targeted and malicious APT threats. They are often hindered by the
tendency to keep doing what worked in the past – to continue with security solutions that
were deployed with the assumption that by protecting networks and endpoints, valuable data
assets are safe. Rather than maintaining the status quo, organizations should change focus
to add data-centric security to the mix (encryption, access controls and data access
monitoring/analysis).
In the past, integrating these elements into an existing IT infrastructure was not synonymous
with “easy” or “low impact.” Encryption was viewed as intrusive and difficult to implement.
40 Cyber Warnings E-Magazine – August 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
