Data Protection Software: Data Centric Security
A risk based, data centric approach to security is a paradigm shift away from traditional “network or system” centric security. It is instead a combination of process and technology that focuses on information flow across business processes and human interactions. Its goal is to create and sustain a flexible, ongoing and continually improving security process that recognizes and reacts to changes in the internal and external environment and enables, not disables, business processes.

The traditional network or system based approach to security continues to fail to protect sensitive data. For companies to substantially reduce the risk of information loss, they need to take a risk based, data-centric approach to security. In other words, it's about the data and understanding:
  • What sensitive data exists, and where it is located
  • What user is taking what actions with sensitive data
  • Where is the sensitive data going
  • What controls are needed to mitigate the risk of the users' actions



With this holistic understanding, or data-centric “visibility,” organizations can, for the first time and in a meaningful way, define and apply data security policies to users who interact with sensitive data, including “privileged users,” contractors, outsourcers and partners.

Digital Guardian Data Protection Software Enables A Data Centric Process
Digital Guardian enables companies to implement a data centric security process through its unique ability to provide:

  • Actionable data discovery and classification
  • Global visibility into data movement and user activities
  • Central and flexible policy enforcement

Actionable Data Discovery and Classification
Digital Guardian includes both “context” and “content” based data discovery and classification. Data classification policies are created and enforced by Digital Guardian Agents. Context classification allows you to discover and classify files based on source application, server, path, file type and user identity. Content based classification allows you to discover and classify files based on keyword, pattern, dictionary and document similarity.

Global Visibility into Data Movement and User Activities
Digital Guardian Agents monitor and record all user activity related to system operations that interact with the file, networking, clipboard, printing and media subsystems, offering complete visibility into data activity, location and movement.

Central and Flexible Policy Enforcement
The Digital Guardian data protection software protects data through configurable policies delivered from the central server. Policies can be configured from broad to discrete, and enable full control over data usage at the “point of use” both on and off-line. Digital Guardian rules can alert users to risky activities and policy violations before action is taken, giving the user the ability to alter their behavior without interrupting business processes, or block user actions outright when policy violations are repeated or severe. Flexible Policy violations trigger notifications to appropriate administrators, and all related activities are logged.

The Data Centric Process
Because the normal state of business is change, the data centric process that is enabled by Digital Guardian is critical to the overall protection of sensitive data.  Employees are hired and fired, companies are bought and sold, products are launched and reach end of life, government regulations grow and change and external threats keep getting more dangerous.  For all of these reasons, a technology alone can't protect a company's digital assets.  Technology must enable a data centric security process and the security process must be continually improving to handle environmental changes and counter new threats.  The data centric process consists of six continually maturing steps:

  1. Monitoring and Visibility
  2. Analysis and classification
  3. Policy Definition
  4. Rules and Controls
  5. Business Process Integration
  6. Interaction with Users and Changing Behavior

Monitoring and Visibility
IT, Business and Operations managers, through Digital Guardian's reporting interface, gain visibility into where sensitive data is located and how it is being used. In the early stages of a Digital Guardian implementation, companies will deploy Digital Guardian data protection software Agents in "monitor" mode, and after a few weeks of collecting data have what is often described as an "eye opening experience." Most customers find sensitive data in locations, and being used in ways, that they did not and could not have known. They quickly realize hidden risks, security system shortfalls and threats that could all spell disaster. At the same time, Digital Guardian's “data discovery” capabilities work behind the scenes to search out and find sensitive data across laptops, desktops and servers. Armed with this combined information, managers, for the first time, get a holistic look at the data and gain real understanding of the dynamics and risks of where that data lives, how it moves and how it is being used.

Analysis and classification
The next step in the process is putting this holistic visibility to work. Digital Guardian, by delivering multiple views of data usage and user activity from aggregated high-level trends all the way down to individual usage reports, enables managers to analyze large amounts of data and recognize existing risks, new threats and the effectiveness of data security policies and controls. Reports are configurable and formatted for interpretation by more than just security experts. The real value is when meaningful data can be shared with business line, operations and audit managers so a common understanding of risks and threats can be defined and assessed.

Digital Guardian's flexible and actionable data classification capability also enables the alignment of business, IT, Operations and audit on how to describe sensitive data. Multi-level classification standards are then implemented in Digital Guardian, and as data is discovered "at rest" or "in use" by Digital Guardian Agents, it is tagged with the appropriate classification so that policies can be properly applied.




Data Security Policy definition
Creating, implementing and continuously improving data security policies is critical to the success of a data centric security program. Because of the constantly changing business environment and threat challenges, security policies in the past have been little more than pieces of paper signed and filed away or security policy manuals collecting dust on a shelf. When managers have data protection software that can analyze and classify sensitive data and offer real visibility into where risks and threats exist, they can begin to build realistic and actionable data security policies. Digital Guardian's highly flexible policy engine can define, implement, adjust and improve data security policies over time. These policies are the high level definitions of the compensating controls that protect data.


Rules and Controls
Once security policies are defined or updated, IT managers implement the policies as rules within Digital Guardian. These rules are automatically enforced based on user, group, activity and data sensitivity. Digital Guardian rules are data security controls enforcing both security and compliance policy across the extended enterprise. Digital Guardian rules, once activated, take only a few hours to migrate across all Digital Guardian agents, offering immediate response to new threats or changes.

Integration in the business process
A data centric security process must work in coordination with and support of a company's many complex business processes. Digital Guardian rules are flexible in that they can be aligned with processes and enable greater sharing of sensitive data.  They are automatically enforced at the user level and in real-time so that they can warn a user of a risky activity and offer an alternative action.  They support and enable the business process, and equally important they ensure the integrity of the data that flows through each process.






Digital Guardian Block

Alert users that they have violated security policy and their actions have been blocked and recorded.  Block risky actions before they occur.









Digital Guardian Reminder Control

Reinforce good behavior in an enabling model.  Deliver real-time user training on corporate and regulatory policy.







Digital Guardian Warning Control

Warn users of potentially risky actions before they are carried out.  Deter by announcing their actions have been recorded.  Optionally force users to take responsibility for their actions with justifications that also offer feedback to Security Managers.



 


People and Actions - Changing Behavior
The most critical piece of the security process is the ability to effectively change user behavior. It is after all the people, not the network, not the firewall and not the information, that create risk – but they also enable business. People put data at risk for three primary reasons: 1) They are strapped with a bad and preventative process and in trying to get their work completed find creative ways to bypass it. 2) They are untrained as to data security risks and policies and therefore will unknowingly put data at risk. 3) Their honesty is compromised by perceived mistreatment or enticement by third parties and they knowingly put data at risk.

Digital Guardian data protection software offers uniquely flexible models for delivering automated data security controls to users. These risk appropriate warnings can be configured to enforce corporate policies, offer alternative approaches to completing tasks (including forcing security system usage like VPNs or automatic encryption of emails or files), reinforce training of compliance rules like HIPAA and PCI, and deter improper activities. All of these control implementations occur before the data is put at risk. Once the improper action on sensitive data on the network, on a device or in a web mail is taken, the information is compromised. Warnings, justifications and blocks, to meaningfully prevent data loss, must occur before action is taken.


The Foundation to Enable Business

When Digital Guardian is implemented and a data security process put into action, companies can move beyond the traditional notion of data security as “prevention” to data security as a business enabler.



Unlocking Sensitive Data – Enabling Business
Digital Guardian data protection software is the cornerstone of your security technology and, when integrated into a data-centric security process, becomes the foundation of enabling business agility by unlocking your sensitive business information and putting it to work. The foundation, the integration of Digital Guardian and a data centric security process, enables:

  • Visibility to sensitive data and its usage across the enterprise
  • The creation and implementation of automated data security policies, rules and controls within the context and support of your business processes and not as preventive security.

Employees, contractors, partners and outsourcers are alerted proactively and in real-time to high risk behavior, trained to understand compliance and corporate policy violations and offered alternative and preferred processes to complete their tasks. With the security foundation in place, companies can implement uniform and meaningful protection for intellectual property, privacy information and company secrets through our data protection software. This data is protected against loss or compromise from and by:

  • The insider threat and improper privileged user activity
  • Threats and risks associated with sharing sensitive data with third parties
  • Risks created by users due to poor process, lack of training or policy awareness

As companies mature their data security process and implement risk mitigating controls across the extended enterprise, line of business and operations managers are able to share previously “locked down” data in more collaborative environments, enabling increased business agility through not only improved new product research, design and manufacturing but also improved cost management as they confidently and in provable compliance share privacy data with low cost off-shore outsourcers.


 

 
© 2008 Verdasys. All rights reserved. Terms of Use and Privacy Policy