Page 122 - Cyber Defense eMagazine August 2024
1. “Where is my data?”
The first step to securing data is knowing where to find it. Once you catalog each device, data source,
storage location and transfer point where data resides, you can define a cybersecurity strategy that builds
a fortress around those targets. Pursue a process of data mapping and classification. Detail all data
assets and classify data so that you fully understand what data is sensitive and subject to regulatory
protections.
For instance, medical facilities with Personally Identifiable Information (PII) and health data covered by
HIPAA, or a business with financial data regulated by FINRA, should flag that data as carrying special
responsibilities for how it must be handled and secured. Crucially, a business should treat all devices and
environments with the assumption that sensitive data resides there (even after performing data mapping)
because, in practice, this is too often true—and under-securing such blind spots is a common recipe for
a data breach.
To complete the picture on your data’s locations, perform a data flow analysis to track the flow of data
through your business, from its creation to its deletion. Doing so will identify any channels where data
transmission needs to be secured. Make sure that trustworthy file transfer solutions and encrypted
communication protocols are in place to fully secure all data in transit.
2. “Who can access my data?”
Regulatory compliance often hinges on whether or not a business can prevent unauthorized access.
Securing device and system access—thereby securing data against breaches and your business against
regulatory action—should be accomplished via layers of safeguards and active security measures.
Implementing role-based access control (RBAC) empowers businesses to closely manage who can
access data within their organizations. By allowing each employee to access only the data they need to fulfill
their role and tasks, a business vastly reduces internal threats and the risks that arise when a single
employee’s device or credentials are compromised. Adding multi-factor authentication (MFA) will then
protect data even in that inevitable credentials-have-been-compromised scenario.
Implementing continuous security monitoring to detect anomalous behavior and take automated and
manual actions to mitigate attacks is essential, as is automated alerting to ensure swift security
responses. Performing access audits to verify the effectiveness of access controls and recognize attack
attempts is another important practice. Businesses can also harden access controls with automated
protections that make data inaccessible when a device shows signs of compromise. This can include
removing or quarantining a device’s data when the user fails too many login attempts, or when the device
exits a geo-fenced area where access is approved.
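
The automated protections described above (quarantining after too many failed logins, or when a device leaves its approved area) can be written as a small policy check. This is an added example, not code from the article or any product; the event format, the five-attempt threshold, the circular geofence and all names are assumptions.

```python
import math
from dataclasses import dataclass

MAX_FAILED_LOGINS = 5      # assumed threshold; the article gives no number
EARTH_RADIUS_KM = 6371.0

@dataclass
class Geofence:            # assumed model: a circular approved area
    lat: float
    lon: float
    radius_km: float

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two coordinates."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlon = math.radians(lon2 - lon1)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))

def evaluate(events, fence, max_failed=MAX_FAILED_LOGINS):
    """Replay one device's events in order; return (action, reason)."""
    failed = 0
    for ev in events:
        if ev["type"] == "login_failed":
            failed += 1
            if failed >= max_failed:
                return ("quarantine", f"{failed} consecutive failed logins")
        elif ev["type"] == "login_ok":
            failed = 0     # a success resets the streak, so typos do not accumulate
        elif ev["type"] == "location":
            d = distance_km(fence.lat, fence.lon, ev["lat"], ev["lon"])
            if d > fence.radius_km:
                return ("quarantine", f"device {d:.1f} km from approved area")
    return ("allow", "no policy violation")

# Constructed sample data (hypothetical office location and event streams).
OFFICE = Geofence(lat=40.0, lon=-75.0, radius_km=10.0)
FAIL, OK = {"type": "login_failed"}, {"type": "login_ok"}
NORMAL_DAY = [FAIL] * 4 + [OK] + [FAIL] * 4 + [{"type": "location", "lat": 40.05, "lon": -75.0}]
GUESSING = [OK] + [FAIL] * 5
OFF_SITE = [OK, {"type": "location", "lat": 41.0, "lon": -75.0}]

if __name__ == "__main__":
    for name, stream in [("normal", NORMAL_DAY), ("guessing", GUESSING), ("off-site", OFF_SITE)]:
        print(name, evaluate(stream, OFFICE))
```

Counting consecutive failures rather than total failures is a design choice made here; a deployment that also wants to catch slow guessing would track failures over a time window as well.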
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.