
What Is Data Security?

Data security is the discipline of protecting data from theft, deletion and corruption. The practice is increasingly essential due to the considerable value that big data has in the modern enterprise. Whether it’s consumer or financial data, or some form of intellectual property, ensuring data remains secure and intact is now an essential business practice.

Data security incidents are on the rise. In January 2021 alone, more data was compromised by hackers than in the entire year of 2017; 2021 has since broken numerous records when it comes to data breaches. Data is the lifeline of every business today, and if it is lost or stolen, the consequences can be disastrous. A variety of tactics can be used to protect data, but ultimately the enterprise requires a combination of smart business strategies and technological tools to ensure data is kept safe.

In this article, we’ll discuss the increasing importance of data security, key data security regulations, the intersection of security and privacy, and specific methods and security technologies required for protecting data in the enterprise.


Why is data security important?

Data security is important because data carries immense value. A typical business will carry its strategic plans, customer information, competitive analysis, intellectual property, personally identifiable information (PII) and other sensitive information in digital format. If that data is lost or falls into competitors’ hands, the cost to recreate that data would be immense.

Data also carries risk-related costs. If data is breached or otherwise lost, organizations face stiff financial penalties. A major breach severely impacting a business’s ability to operate is already costly, but in addition, businesses also face steep secondary costs that include damage to brand and reputation, loss of customer trust and remediation expenses.

Finally, cybersecurity attacks such as ransomware are omnipresent problems that every business grapples with. Ransomware authors in particular rely on algorithms that encrypt business data and hold it hostage until a ransom is paid, after which the attacker (theoretically) decrypts the data and returns it to the business. Many businesses elect to pay ransoms — some upwards of $4 million — while many others refuse to pay the ransom and instead attempt to recreate the lost data or get by without it. Ignoring a ransomware attack also comes with consequences. The city of Baltimore refused to pay a ransom of about $76,000 to recover encrypted data, electing instead to invest in recovery efforts costing an estimated $18.2 million.

What are the biggest data security threats?

Data can be impacted in a number of ways. Here are some of the biggest threats to data security:

  • Malware: Malware attacks, which range from simple viruses to sophisticated ransomware exploits to phishing and social engineering tactics, exploit system vulnerabilities to infiltrate a network and abscond with the enterprise’s data.
  • Hardware failure: Physical devices like hard drives, memory cards and even tape will eventually fail, destroying any data stored on them along the way. Power failures and natural disasters can also result in data loss.
  • IoT threats: A new connected environment might come with conveniences, but also exponentially broadens the attack surface. IoT implementations often lack adequate security controls, or bolt on security as an afterthought.
  • Improper backup protocol: Backups are a key solution to outages and natural disasters, but many organizations fail to implement a proper backup strategy. Among other things, backup protocol should include offline backups and regular testing of the restoration process.
  • Device theft or loss: Desktops are far from the only device that users access today — data can be accessed through laptops, smart phones, watches and other mobile devices. While these trends provide day-to-day conveniences, they also exponentially increase attack surfaces and the likelihood of data being stolen or compromised.
  • Misconfiguration: As virtual servers are spun down and configuration changes are made in cloud environments, administrators can easily make mistakes that unintentionally delete or compromise data.
  • Accidental deletion/data erasure: Finally, data erasure can simply and easily occur by accident. In 2020, the Dallas, Texas Police Department accidentally but permanently destroyed eight terabytes of criminal and other legal investigation data, attributed to an employee who didn’t follow the proper procedures for migrating server data.

The wide range of desktops and mobile devices used in the enterprise expands the attack surface and increases the risk of data loss or theft.

What are the benefits of data security?

Data security not only prevents financial loss; keeping data safe also empowers organizations to make strategic decisions. Data that is properly secured is more trustworthy because the enterprise is confident that it has not been corrupted or compromised. Secure data also prevents organizations from violating compliance mandates and incurring costly financial penalties. And secure data also provides a critical backbone for the business when it comes to making strategic decisions, such as choices about creating new products or entering new markets.

What is the difference between data privacy and data security?

While data security is related to keeping any type of data safe from attack or corruption, privacy is related to the safeguarding of personally identifiable information and, specifically, the proper usage of that information.

Data privacy and data security can often be independent of each other. For example, data can be fully secured against outsiders, but if it is misused internally, the organization can be found in violation of privacy mandates, such as the European Union's General Data Protection Regulation (GDPR). Similarly, an enterprise may suffer an attack that compromises its consumer data, which might be a security breach but not a privacy violation.

That said, security and privacy often go hand in hand. An attack that results in a stolen consumer database containing credit card numbers and personally identifying information is both a security and privacy breach.

What are the types of data security for business?

A number of tools and technologies should be used in the enterprise to ensure data security, including the following:

  • Access management, access controls and authentication: These tools are familiar to most computer users in the form of usernames and passwords. Biometrics, multi-factor authentication and other forms of user validation are other examples.
  • Backup technology: High-quality backups can be the difference between an outright disaster and a minor hiccup in the enterprise. Backups should be stored offsite (and preferably offline) to insulate them from damaging cyberattacks and must be tested regularly to ensure effectiveness.
  • Encryption keys and other tools: Essential for any type of sensitive data, data encryption tools mask data using ciphers that are near-impossible to break, so that even if the data is compromised, it is useless to the attacker.
  • Physical security: Locks on doors, security systems and other solutions that keep physical hardware protected are essential for any business.

What is data security compliance?

Compliance is a broad term that describes the methods by which an organization follows various standards and regulations; data security compliance refers specifically to laws and rules around how data is used and kept secure. Data security compliance is most commonly applicable to customer data, but it can also apply to employee data and other types of business data.

Regulatory compliance, or data security compliance, has become a critical topic in the enterprise as a variety of laws and regulations have recently been enacted in response to years of headline-grabbing privacy violations, data breaches and cyberattacks. Today there are numerous regulations, including GDPR, HIPAA, and others, which are designed to protect consumers from the misuse of their personal data — and to penalize companies that do not take the proper steps to adequately protect it. These regulatory requirements outline the security measures that should be taken during the storage of data, how it can be shared and what to do in the event that it is breached.

Some of the most critical data security compliance rules include:

  • GDPR: Europe’s General Data Protection Regulation was enacted in 2018 and has since become a model for privacy rules around the world. GDPR establishes sweeping policies around data access and the protection of consumer data and establishes stiff financial penalties for noncompliance.
  • CCPA: The 2018 California Consumer Privacy Act provides Californians the right to access all data collected on them, along with information shared about them with third parties. As with GDPR, it does not matter if the company is based in California; if that company does business with California residents, it must comply with CCPA. A new rule, CPRA (California Privacy Rights Act), will expand on these regulations when it goes into effect in 2023.
  • HIPAA: One of the oldest data compliance laws, dating back to 1996, the Health Insurance Portability and Accountability Act establishes protocols for the safe storage of health information and healthcare records — and stipulates major fines (and even jail time) for violations.
  • FISMA: The Federal Information Security Management Act of 2002 was enacted to set minimum data security standards for government agencies and contractors.
  • PCI DSS: The Payment Card Industry Data Security Standard, which dates back to 2004, is designed to establish minimum security levels for the storage of credit and debit card information. Companies that store payment card information must comply or risk losing their ability to accept payment cards.
  • SOX: The Sarbanes-Oxley Act was enacted in 2002 to reduce and prevent corporate financial malfeasance. The regulation primarily establishes rules around financial reporting for public companies, as well as compliance rules around financial record keeping and other business information (including emails and instant messages) that may be of interest during auditing season.

PCI DSS establishes broad data security standards for businesses processing and storing payment card information.

What are the primary data security tactics and best practices?

An IT organization must consider and follow best practices to ensure data is kept safe, including:

  • Protect the data directly: A strong perimeter security system in the form of multi-level user authentication, firewalls and intrusion detection is necessary and a good start, but the data itself must still be protected in case threats make it through those defense systems (including unauthorized access by insider threats). Encryption and data loss prevention (DLP) tools (McAfee, Symantec, IBM and others have offerings) that protect all data at rest and in flight are crucial.
  • Invest in strong data tools and technologies: Security analytics and automation, powered by machine learning, can standardize routine security functions so analysts can turn their attention to bigger problems and more critical threats.
  • Ensure regular backups and test them constantly: Backups are critical for protecting data against everything from hard drive failure to ransomware attacks. Backups should be performed at least daily, kept in a different location than where the data resides, and tested regularly to ensure that data is not corrupted. Many of these functions can be conducted via automation.
  • Properly dispose of retired media: At one time, hard drives sold on aftermarket sites like eBay would regularly have their original data intact. While that happens less frequently now, physical media that is being retired should be completely encrypted and/or overwritten with multiple passes before being wiped.
  • Train users regularly: The principles of strong data security need to become a core part of the enterprise fabric through regular user training. Security procedures should be formally documented and regularly updated. Organizations also need to implement a strong data governance strategy, which is then effectively baked into all employee training.
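The backup guidance in the list above (daily, stored in a different location, tested for corruption) can be automated. The following is an added example, not code from the original article: the function names and finding labels are hypothetical, the sample files are constructed, and comparing filesystem device IDs is only a coarse stand-in for "different location".

```python
import hashlib, os, tempfile, time
from pathlib import Path

MAX_AGE_SECONDS = 24 * 3600  # the article's guidance: back up at least daily

def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_manifest(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def check_backup(source, backup, manifest, now=None):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    # "Different location": flag a backup on the same filesystem as the data.
    if os.stat(source).st_dev == os.stat(backup).st_dev:
        findings.append("same-device")
    # "Not corrupted": compare against the manifest recorded at backup time.
    restored = build_manifest(backup)
    for rel, digest in sorted(manifest.items()):
        if rel not in restored:
            findings.append(f"missing:{rel}")
        elif restored[rel] != digest:
            findings.append(f"corrupt:{rel}")
    # "At least daily": the newest file in the backup must be under 24 h old.
    newest = max((p.stat().st_mtime for p in Path(backup).rglob("*")
                  if p.is_file()), default=0.0)
    if (now or time.time()) - newest > MAX_AGE_SECONDS:
        findings.append("stale")
    return findings

def make_sample(base):  # constructed sample data, not real records
    src, bak = Path(base, "data"), Path(base, "backup")
    for root in (src, bak):
        root.mkdir()
        (root / "customers.csv").write_bytes(b"id,name\n1,Example\n")
        (root / "plan.txt").write_bytes(b"constructed sample\n")
    return src, bak, build_manifest(src)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        print(check_backup(*make_sample(base)))
```

In practice the manifest would be written when the backup is taken and stored apart from it, so that a tampered backup cannot also rewrite its own reference hashes.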

How is data security affected by the cloud?

The cloud has complicated data security for many organizations. While the cloud is not inherently less safe than on-premises data centers, it does present new challenges from a security perspective.

The primary concerns around cloud security are those of observability and visibility. In the data center, an enterprise has a more refined level of control over its documents; a connection to the outside world can be severed by literally “pulling the plug” on the server, and if a hard drive fails, it can be physically replaced. In the cloud, data typically exists in a nebulous ether. Are backups being performed properly? Is security as good as the provider claims? In many cases, the organization simply has to trust that best practices are being followed.

Some security risks are essentially the same in both the cloud and on-premises environments. For example, insiders represent a similar threat whether they are accessing data on-site or online. The enterprise must also work to ensure credentials are managed properly both in the cloud and on premises, and that only authorized users are given access to cloud-based data stores.

Conversely, the cloud has reopened the doors to so-called shadow IT. The ease and low cost of signing up for all manner of cloud services can often lead to an enterprise’s data being scattered across hundreds of sites. As of July 2021, Netskope reported that the typical enterprise (with 500 to 2000 employees) was actively using 805 different cloud services each month, 97% of which were shadow IT apps.

Despite these valid concerns, the cloud can be a perfectly safe place for data to reside, and many services provide training tools to get organizations up to speed quickly. Thus, most practitioners now say they feel the cloud is safer than on-premises alternatives.

What are some enterprise data security solutions?

Some of the key tools used to secure an organization's data include:

  • Firewall: The first line of defense between the organization and the outside world, a firewall is a network security system that controls and monitors incoming and outgoing network traffic.
  • Anti-malware: Classic anti-malware/antivirus tools should be installed on every desktop as well as at the server level.
  • Intrusion detection system: Intrusion detection tools are key for determining whether a breach has made it past your primary defenses, as well as preventing further damage from occurring.
  • Multi-factor authentication: Requiring multiple layers of access will help safeguard systems from unauthorized insiders as well as external threats.
  • SIEM: Security Information and Event Management (SIEM) tools are used to analyze security and operational logs in real time, aggregating activity so analysts can have visibility into all phases of the threat lifecycle from a central dashboard.
  • Encryption tools: All sensitive data should be encrypted regardless of where it resides.
  • Backup system: In the ransomware era, backup solutions have become absolutely critical.

SIEM tools can analyze security incidents in real time, providing visibility into all aspects of the environment.

How do you implement a strong data security strategy?

A strong data security strategy begins with a business case for data protection. Data must be identified (wherever it resides) and risk must be assessed for each dataset to determine where the business prioritizes the allocation of resources and the specific tactics that need to be taken to improve its security. From there, the organization needs to make data security a core part of the corporate culture with consistent user training and reinforcement of security policies. Putting key data security solutions, such as SIEM, encryption and backup, into place and maintaining them appropriately is a critical final step.

The Bottom Line: Data security is fundamental to every business

Data is a critical component of every enterprise, large or small, making data security a key business function. The threats to enterprise data are greater than ever, and any organization that fails to take measures to keep that data safe from corruption, loss or theft runs the risk of disrupting or halting operations. Data security is as much about culture as it is about specific tools, and attention to both is essential when developing a comprehensive security strategy.
