Understand where data exists:
Organisations can’t protect sensitive data unless they know where it resides and how it’s related across the enterprise.
Safeguard sensitive data, both structured and unstructured:
Structured data contained in databases must be protected from unauthorised access using data transformation techniques such as masking or encryption. Unstructured data in documents, forms, image files, GPS systems and more requires privacy policies to de-identify or mask sensitive data while still allowing needed business information to be shared.
Protect non-production environments:
Data in nonproduction, development, training and quality assurance environments needs to be de-identified or masked, yet still usable during the application development, testing and training processes.
Secure and continuously monitor access to the data:
Enterprise databases, data warehouses, file shares and Apache Hadoop-based systems require real-time monitoring and policies to ensure data access is protected and audited. Policy-based controls (like masking or connection termination) based on access patterns are required to rapidly detect unauthorized or suspicious activity and alert key personnel. In addition, data sources need to be protected against new threats or other malicious activity and continually monitored for weaknesses.
Demonstrate compliance to pass audits:
It’s not enough to develop a holistic approach to data security and privacy. Organizations must also demonstrate and prove compliance to third-party auditors. By employing a data protection strategy across all areas and all types of data, organisations can ensure enterprise data is kept secure and protected.
Data privacy across the enterprise News headlines about the increasing frequency of stolen information and identity theft have focused awareness on data privacy breaches and their consequences. Protecting data privacy is no longer optional - it’s the law.
Organisations must have procedures in place to protect privacy in databases, applications and reports in both production and nonproduction systems to comply with data privacy regulations and avoid risk. As data-breach headlines continue to mount, it is clear that data is the most vulnerable enterprise asset. Organisations need to adopt a policy-driven, on-demand masking approach to proactively protect data privacy and support compliance, especially in a computing era where data is everywhere and growing in volume, variety and velocity.
Data masking is the process of systematically transforming confidential data elements such as trade secrets and personally identifying information (PII) into realistic but fictionalized values. Masking enables receipts of the data to use “production like” information while ensuring compliance with privacy protection rules. Data masking represents a simple concept, but it is technically challenging to execute. Most organisations operate within complex, heterogeneous IT environments consisting of multiple, interrelated applications, databases and platforms. Organisations do not always know where confidential data is stored or how it is related across disparate systems. The ideal solution must both discover sensitive data across related data sources and mask it effectively.