Use Data-Centric Security With People-Centric Policies

Use Data-Centric Security With People-Centric PoliciesIf you have experienced a data breach, you may have suffered irreplaceable loss of intellectual property, losing customer and business partner trust, incurring considerable fines, decreases in revenue and drops in share prices.  This doesn’t even include the cost of recovery and remediation to your information and infrastructure.

Although most organizations invest a lot of time and money implementing information security solutions, significant security threats remain as major risks.  Why is that?

Conventional approaches to security focus on protecting network and system boundaries, but with today’s mobile workforce, defining the boundaries of a corporate network are almost impossible. We have entered the age of the borderless enterprise. Cloud and mobile computing, insider threats and advanced persistent threats (APT) are forcing organizations to review and re-shape existing security frameworks to overcome challenging security issues and prevent data breaches.

Using a multi-layered approach to information security that focuses on the data rather than the perimeter is a better way to address these threats.  Let’s face it, hackers and other malicious people don’t want to steal your devices, they want your data.  A data-centric security model with people-centric policy protects, controls and traces an organization’s unstructured data, which according to IDC and Gartner, can make up 80% of an organization’s information.

This approach allows you to implement effective file-level security policies and granular permission control for all data types regardless of location. This protects the data itself rather than controlling access to networks and systems. Protecting data at the time of creation helps mitigate risk and reduces the likelihood of a data breach.

Here are a dozen advantages of using this multi-layered approach:

clip_image001 Discover sensitive data on devices and in repositories

clip_image001[1] Classify data based on content and context

clip_image001[2] Control who can View, Edit and Print information

clip_image001[3] Dynamically control who can access a file regardless of location

clip_image001[3] Restrict unauthorized copy and paste attempts of protected content

clip_image001[3] Prevent unauthorized screen capture attempts while protected documents are in use

clip_image001[3] Enforce the security of protected documents on derivative files

clip_image001[3] Limit file access using validity time or device ID

clip_image001[3] Revoke access to protected documents immediately

clip_image001[4] Trace and control user/file activities in real-time

clip_image001[5] Determine your risk index through data usage analysis

clip_image001[6] Mitigate risk by correlating multiple possible data breach scenarios

 

Controlling the data is the best way to enhance your information security.  Augment your existing frameworks with a data-centric security model using people-centric policies.  It gives you the best defense against a data breach.

 

Photo credit uhh

Leave a Reply