Michael Orozco, Managing Director, SecOps, Infrastructure & Innovation Leader
For many companies, data is the lifeblood of their business. While some corporate data is easily managed and processed, other data is hidden away, unknown and providing no benefit to a business. Easily accessed data is called structured data while hidden data is called unstructured data. Unstructured data is found in documents emails, and messages on corporate collaboration apps, among other places.
Structured data is easier for a company to manage, use, and secure. However, an estimated 80% of financial organizations’ data is unstructured, and this number is growing. On average, the volume of unstructured data doubles every two years. If an organization lacks the ability to manage this type of data today, the problem will grow exponentially in the future.
Securing unstructured data is challenging
The rise of unstructured data creates a variety of problems for organizations, including lacking data visibility and usability. If sensitive data can be buried in emails, documents, or chat messages, it is vastly more difficult for an organization to find and process this information.
However, one of the biggest challenges that unstructured data poses to a business is data security. Some data security challenges that unstructured data poses include the following:
- Data Visibility: Unstructured data is difficult to track as organizations need to use keywords, natural language processing, and heuristics to identify it. Large volumes of unstructured data mean that the company likely lacks visibility into the full scope of the data that it holds.
- Distributed and Unclassified Data: Structured data is commonly stored in a single location (the database), but unstructured data is scattered across servers, user workstations, cloud infrastructure, and third-party software. This diversity of storage locations makes it more difficult to identify, manage, and secure this data. Data classification is also essential to data security, but unstructured data doesn’t lend itself to easy classification due to the challenges of identifying and processing it.
- Data Loss and Exfiltration: Unstructured data is also more easily lost and stolen than structured data. While a departing employee may not be able to copy the corporate database, they can probably forward a couple of emails containing corporate data to a personal account or upload documents to private cloud storage.
Developing an effective unstructured data security strategy
Properly managing unstructured data can be challenging, and failures to do so can lead to data breaches and compliance penalties. On the other hand, having a successful strategy for managing unstructured data security can help protect the organization’s productivity, legal and regulatory compliance, and brand reputation.
Some key components of an effective unstructured data security strategy include the following:
- Proactive protection: Unstructured data is a growing problem, and it’s too late to start building a solution after a data breach has occurred. Unstructured data should be identified, classified, tracked, and secured from the time of origin, ensuring its security throughout its lifecycle.
- Encryption by default: Encryption provides strong protection against data breaches and should be applied wherever possible. Data should be encrypted at rest and in transit and only briefly decrypted while being actively used, such as with the Advanced Encryption Standard (AES). This is the trusted standard algorithm used by the U.S. government and widely regarded as the go-to in the private sector as well.
- Infrastructure agnosticism: Unstructured data is created, stored, and transmitted on a wide variety of different platforms and media. An unstructured data security strategy should be capable of protecting unstructured data wherever it is in the organization.
- Internal and external protection: Sensitive corporate data may remain inside the enterprise or be shared with third-party partners or platforms. An organization should be able to monitor and secure data both inside and outside of the enterprise.
- Visibility and insight: Poor visibility is one of the most common challenges that companies face in managing and protecting their unstructured data. A data security strategy should alert security personnel regarding events for protected documents, enabling incident response, regulatory reporting, and gleaning useful insights and intelligence based on trends and patterns of data usage.
Implementing a corporate unstructured data security strategy
Securing an organization’s unstructured data can be a significant challenge. Unstructured data is more difficult for an organization to monitor and track and is commonly in formats designed to move freely in and out of the organization, such as email and documents. Ensuring that this data is tracked and properly secured both internally and externally may require specialized solutions.
In recent years, new solutions have emerged that give companies the tools they need to manage the security of their structured, semi-structured, and unstructured data. When evaluating solutions, organizations should also look for a tool that provides strong, policy-based encryption that enables data encryption and sharing settings to be tailored based on a least privilege, zero-trust security policy.
…
View the full story here: Overcoming the Challenges of Securing Unstructured Data – CPO Magazine