Streamlining Data

The Case for Streamlining Data

Do you know what data you have? Where it is and who uses it?

No, then you need to read this blog!

It is not easy to understand where unstructured data exists in the enterprise. There can be massive volumes of documents, spreadsheets, presentations, and emails, all typically scattered about the organisation.  And this represents not only a major security weakness but an expensive one at that, which now, in COVID times, means that data could be in places your organisation does not control, such as Dropbox. This is where the term ‘Shadow IT’ has come from. All these diverse locations for data and its volume represents not only a major security weakness but an expensive one at that.

Having huge amounts of data scattered across the enterprise can result in heavy costs in terms of storage, whether in data centres or third party storage facilities.

Add to that, the requirements of GDPR and, in particular, Subject Access Requests (SAR’s), and you can see what a nightmare situation unstructured data storage can become.

Data classification systems are the answer.  They are able to take the challenge down to a focused data set of in-scope data, that can amount to only 10 to 20% of the entire environment. They can ensure that all personal data is found, using a more efficient and targeted approach, which could result in a saving of some 40% in storage capacity and removing risky data from shadow IT locations.

Indexing file properties including activity logs, who has accessed what, and ACLs, who has read/write/browse permissions to specific files, facilitates a proactive approach to data protection. Combining in-depth monitoring and active controls to confine any suspicious activity before it becomes a risk is key, for example, a Ransomware attack.

Personal data can be managed according to the data owner’s request. Deleting, migrating, archiving, restricting, and correcting content.

Capturing sensitive data that is no longer needed on the primary storage network, but must be maintained for long-term retention requirements, can be moved to an archive that can be easily managed and will ensure sensitive data is not left unprotected on the network. Retention policies can be defined, and compliance teams can easily search and manage the content.

Without an integrated approach, there will be too many aspects to the workflow and too many areas that can fail when managing significant volumes of personal data.

Knowing what data is held, where it is and who uses it, is key to good data management. Without it, data storage will simply grow and grow, cluttering the network and costing vast amounts in storage solutions or worse still, data being held in multiple silos to keep costs down but, with the inevitable situation of data loss.

So, streamline data handling today, before it gets out of control.

Every organisation can benefit from added protection. Call us on 0844 586 0040, or email [email protected] and we’ll be happy to advise you.

Cybercrime

Is Your Data Being Secretly Manipulated?

So, you are alert to the threat of ransomware but, can you be sure that your data has not, is not and will not be, manipulated by outside forces?

More insidious than a ransomware attack is the hack where data or the network is compromised but is secretly hidden from view. The exploit can go unchecked for a long time, with information taken at will, the outcome of which may be very damaging for the victim company.

Such attacks fall under commercial espionage and the actors range from competitors, disgruntled employees, and even nation-states. Once in the network the attacker remains hidden and takes various approaches dependent on what is to be achieved. It is never the intention of the attacker to tell the victim that they have their data, but to remain hidden, indefinitely.

There have been instances where data has been monitored and fed back to the competition when a tender has been submitted or a change to pricing. Such information can be valuable, for example, when governments are placing large contracts.

Another example is where data is modified, resulting in expensive product recalls and loss of market confidence. It is likely that these attacks will convert into a blackmail scenario, where the victim is advised of the infiltration and possible data modification ramifications, should on-going payment not be forthcoming.  This is similar to a protection racket or extortion money!

These attacks generally occur due to the poor monitoring of network access and the missing of unusual events that are happening within the infrastructure. Frequently, incidents are flagged up, but due to the busy nature of many IT departments, they go unchallenged.

Companies need to protect themselves by being more proactive in stopping the unknown, rather than relying on known attack vectors which Antivirus and DLP solutions focus on. Fileless attacks are impossible for AV to detect and once triggered, look like a normal application able to hide themselves away and exploit at will.

There are solutions that are designed to understand what is normal on a network and take action on the unusual. They can take away the delay associated with SIEM solutions, as the required action is taken immediately rather than waiting for someone in the IT team to investigate, by which time, it is too late.

File integrity is another solution. Using file integrity monitoring you create a hash of the file itself, enabling you to be able to compare that hash. If it is the same, then you know no one has changed that file. Furthermore, you can apply classification, such as ‘Secret’, and should these types of files move, change or leave the organisation, an alert is sent to the data owners.

Companies face a continual stream of threats including, reputation, revenues, and future market share. Sadly, it often takes companies years to even realise they have had a breach, let alone know what data was affected. We need to stop thinking only in terms of data being taken and understand that it may also be manipulated.  Planning for the consequences of both scenarios is critical.

Protection rackets are no longer just in old films with Elliott Ness!  They are a clear and present danger and cannot be ignored!

Every organisation can benefit from added protection. Call us on 0844 586 0040, or email [email protected] and we’ll be happy to advise you.