cyber trends to that data , if that access is legitimate and who has responsibility for making decisions about access .
The challenge of locking down data
One oft-touted solution is to have the creators of data classify and tag it appropriately . However , this requires those responsible for tagging to understand what constitutes sensitive data , and not deliberately mislabel data to make access easier to avoid hassles caused by restrictions .
Adam Gordon , Country Manager ANZ at Varonis
The challenges were already big enough when all data was kept on-premises . IT and security teams could see when access to a particular dataset was broadened , or access rights changed . With data now typically spread across private and public cloud systems as well , the challenge is much greater .
Once a file has been given open access , it ’ s likely to be spread far and wide throughout an organisation . If it gets inserted into an email , it may become part of a widely-circulated email train .
It ’ s incredibly difficult for security teams to track and control access to data in such a scenario . Identifying and blocking all the user actions that result in open access to organisational data would be an impossible manual task . So , organisations turn to Artificial Intelligence and Machine Learningdriven user and entity behavioural analytics ( UEBA ) tools , but these are no instant solutions .
If the tools used are not sufficiently robust , they may fail to detect inappropriate data access , or generate masses of false positives that must then be resolved with large-scale manual interventions .
Another technological solution that addresses the consequence – not the root cause – of lax data access controls is data leak protection technology . This technology relies on file labels that specify how a file should be protected : whether it should be encrypted or whether certain operations on it should be blocked , for example .
However , automatic file classification systems are unable to apply these labels with sufficient accuracy and still rely on users to do so . There is no guarantee that users will apply the appropriate label to a file .
Of course , the first line of defence is making sure users do not extend access to data beyond what is necessary . Security awareness training should be implemented but not relied on . It ’ s only a matter of time before an employee will make a security mistake .
Working from home has only added to these pressures and potential distractions that can lead to unnecessary data access .
A better solution is to implement a least-privilege approach . If what the data users can access is limited , and the locations in which they can store data are limited , you will minimise your risk .
As the number of data breaches continue to rise , organisations should assume they are already being targeted by hackers . Restricting access to data is a key step organisations can take to reduce the level of damage from a successful breach . u
Ideally , access to data in any organisation should be restricted to only those who need it . www . intelligentciso . com
21