Censys: The World of Attack Surface Management
In today's technological climate, companies are creating more data every single day. Nevertheless, much of this valuable information becomes forgotten, lost, or unrecoverable.
It is therefore integral that enterprises use data classification to restore control over their unstructured data. In a recent whitepaper, software company Boldon James outlines five steps to implementing effective data classification.
Identifying valuable data
First and foremost, identifying the most valuable and confidential data is key to securing corporate data assets. By identifying the types of data that are most important, companies can distinguish where they need to focus their protection.
A company's "crown jewels" might therefore include data assets, such as information on a CRM database. Business-critical documents might also fall under this bracket, including strategic plans and agreements.
Documents or information that is subject to regulations are also of great importance. Meanwhile, intellectual property (IP) and personal information such as employee details could be equally sensitive.
Discovering and defining data
Once a company has classified data according to its value or sensitivity, it is easier to reduce the risk of security breaches. In order to do so, enterprises must implement and enforce the appropriate protections.
Unknown data makes a business more vulnerable to attacks. It is therefore necessary to identity what data a company has, where it is, and who may have access to it.
Once this process has occurred, it is simpler to make decisions regarding the processing of data. Following on from this, companies can classify data according to its relative importance and sensitivity.
Classification is the first of two steps that involve actively securing corporate data, with the second being the implementation of protection tools. However, it is classification that allows these solutions to be more effective.
In effect, data classification involves the categorisation of data according to its sensitivity and value. Attached as visual markings or embedded into the metadata of the file, companies use labels in order to classify data.
It is important to decide who should have access to certain data and how many categories are necessary. Boldon James recommends classifying "live data" first of all, before moving onto legacy data.
Once a company has appropriately labelled its data, it is time to implement security solutions and information management technologies. As previously mentioned, enterprise security tools are more effective once data is classified.
Data Loss Protection (DLP) solutions are just one of the useful tools, as they shield against international and accidental data loss. Email gateways automatically encrypt any file named "confidential", while discovery tools enable employees to rapidly locate information and its subsequent uses.
SIEM tools also flag up potentially risky user behaviour and access control tools use classification labels to dictate who can access a file. In addition, search and retrieval tools make it easier to keep an audit trail.
Measure and evolve
Enterprises can successful secure valuable and confidential information if it follows these four steps (Identify, Discover, Classify and Secure). Nevertheless, it is important to note that legislation and threats constantly evolve and regulations intensify.
The monitoring of classification activities is therefore key to measuring the effectiveness of a security policy. By providing visibility via structured audit data and analytics, these tools improve the chance of detecting and addressing breaches.
Real-time monitoring also allows companies to differentiate any behaviour that differs from "normal" activity. As a result, "ongoing monitoring builds an organisation-wide picture of how effective the security policy is – a picture which can be shared with the board – along with an understanding of how to improve it."
Enjoyed this article? Take a look at the Top 10 Organisations Supporting Diversity in Enterprise Tech