Data Visibility – Power to Your Data
 

Finding the right balance between limiting security risk, providing access to sensitive data and addressing compliance requirements, is challenging. However, businesses that adopt a more strategic approach to governing their data are well positioned to realise the power of their information assets while reducing the risk of security breach and leakage incidents which can damage corporate reputation, compromise customer trust and erode shareholder value.  

Any security strategy is destined to fail unless an organisation knows and has clear visibility of what it needs to protect and where that information resides – in other words if you can’t find your data, how can you protect it? Organisations need to understand their data entities that contribute to risk threats, asset criticality and vulnerabilities.  

Taking inventory of assets is a vital first step in establishing any kind of protection framework as it’s unlikely to accurately assign value to something until it’s been located and identified.  If it’s true that “you don’t know what you’ve got ‘til it’s gone” then it must also follow that realising exactly what you have, particularly when it comes to valuable data, makes sense.

Only when an organisation has this level of visibility, can it begin to understand the risks in identifying where their data is stored and make informed choices and required action in order to remediate, control and protect valuable data assets.  Having a clear understanding of the nature, location and value of critical data assets sits at the core of sound business practice.

Information is the Lifeblood of Business

Data needs an even greater requirement for visibility and protection as it’s the kind of ‘inventory’ that can cause unnecessary trouble if it falls into the wrong hands, is mishandled or lost in transit. It is the fundamental power of data that underscores one of the major challenges confronting IT organisations, i.e. being able to specify the exact location of critical data within the broad context of an enterprise.

The sensitive and confidential nature of corporate data, whether it is IP or trade secrets, employee information, customer information, card holder data (CHD) or other forms of personally identifiable information (PII), means that its discovery and protection have significant governance and risk management implications within organisations.

Driving these concerns are standards and regulations such as the Payment Card Industry Data Security Standard (PCI DSS), the Health Information Portability and Accountability Act (HIPAA), Sarbanes-Oxley (SOX) and Gramm Leach Bliley Act (GLBA) which place a continuous onus on organisations to adequately protect and secure consumer data that is deemed to be sensitive and private.   A recent report from Privacy Rights Clearinghouse (PRC) noted 535 breaches during 2011, involving 30.4 million sensitive records. The volume and high profile nature of data breaches particularly at major corporations like: Epsilon, Alliance Data Systems, Sony PlayStation, WordPress.com only serve to heighten the concerns of government and regulatory bodies to further tighten and enforce data protection legislative procedure.

Information is the lifeblood of all businesses and achieving the correct balance between access, integrity, compliancy and protection is essential to operational and long term business stability. In realising its value, an organisation must have the ability to unlock the power of this information while also adequately protecting the data assets that matter most.  In order to protect information and manage risk effectively, organisations need to adapt a more strategic approach that allows continuous proactive detection of real threats to critical business systems and fosters a culture of vigilance through ongoing discovery audits, review and reporting.  

About PixAlert
PixAlert deploy world-class scalable enterprise content audit solutions which enable organisations to discover where unsecured, unstructured sensitive information resides extensively across networks and within email correspondence. PixAlert audit solutions help to safeguard reputational integrity,  reduce risk and improve compliance standards through proven market leading data discovery and illicit image detection software products www.pixalert.com