The expanding digital universe, comprising of the data we create and copy annually, is doubling in size every 12 months. It is expected to reach 44 zettabytes (that’s 44 trillion gigabytes) by 2020 and contain nearly as many digital bits as there are stars in the universe.
It is widely cited by analysts, (including Gartner & IBM Research), that approximately 80% of an organisations data today is unstructured and it is anticipated that this will increase to 90% by the end of the decade. Think of all the word processing documents, emails, PDFs, PowerPoint presentations and other documents that hold sensitive data to your business. This is a big data problem, to say the least and as this level of unstructured data rises and hackers shift their focus to it, unstructured data is an issue that can no longer be placed on the IT back burner.
Understanding Your Unstructured Data
Organisations who lack basic visibility and have little or no understanding of what is going on across their unstructured data are at risk. Without proper visibility into who does what, and who accesses what, it becomes extremely hard to maintain security and control data access. If an organisation cannot see data, how can it measure it or manage it?
When it comes to unstructured data, the three most important questions that an organisation needs to be able to answer are:
- Do you know with a high degree of certainty, who has access to those files?
- Do you know who has viewed, copied or edited them lately?
- Can you control exactly who does have such access?
How to Secure your Unstructured Data
If your company has private or sensitive information in unstructured files and cannot answer the above three questions, you might be at risk of letting inappropriate people access that information. But not to worry because here are five key steps your company can take towards securing unstructured data and file shares:
- Assess security risks: Identify which data is business-critical and which is most at risk. Then find out where that vulnerable data is stored so you can allocate resources to protect it.
- Optimise file storage: Critically evaluate your data to identify information that can be archived or permanently deleted, such as rarely used files, duplicate documents and empty folders. Removing unnecessary information will not only cut file storage costs, but also decrease the attack surface for bad actors and reduce the risk of overlooking critical changes.
- Use the least privilege principle: Determine what access privileges users really need and limit their permissions to the absolute minimum required to complete their current tasks.
- Analyse User and Entity Behaviour (UEBA): Without knowledgeable insight into user and entity behaviour, organisations risk missing inappropriate or malicious insider activities. Studies reveal that employee mistakes or a deliberate abuse of privileges are behind 60% of security incidents. It’s important to have systems in place that allow administrators to maintain a close watch on what users do within the IT environment to help quickly identify suspicious activity (such as large-scale data deletions or a spike in the number of failed read attempts) that could indicate an attack in progress, enabling you to respond before it inflicts considerable harm.
- Review and update permissions regularly: User privileges need to be kept up-to-date in a timely fashion, group membership and permission assignments should be regularly reviewed, along with any permissions assigned directly to individuals to ensure they stay in sync with business requirements.
Data Risk Assessment
Still not sure how to tackle unstructured data and mitigate the risk of data leakage – Asystec can help! See how you measure up with a Data Risk Assessment. Asystec can:
- Identify and prioritize at-risk areas like global access, stale data, and inconsistent permissions.
- Discover overexposed and at-risk sensitive & classified data, including PII, HIPAA, PCI, and more.
- Review access controls and authorization processes and find out where you can improve.
- Analyse folder and file access to determine where you’re most at-risk and easily reduce your risk profile.
- Expose data vulnerabilities so that you can be confident in your data security.
No matter what security mechanisms an organisation has in place, there will always be risk of malicious activity by insiders or external hackers. Gaining visibility into unstructured data and combining this with UBEA, can help organisations beat this challenge and mitigate the risk of data leakage. This process needs to be an ongoing exercise to achieve and sustain the highest possible level of security that today’s IT landscape demands.
Asystec help customers with their compliance and security requirements by focusing controls and remediation on a customer’s key data assets. We take a data-centric approach to better understand the data, gain insight into the risks associated with it, and put controls in place to give confidence to the business that they are not only fulfilling compliance needs but also increasing security and reducing risk.
For more information on how Asystec can support your organisation in Unstructured Data Management or to arrange a free Data Risk Assessment contact our security team on 1800 844 321 or firstname.lastname@example.org