Gaining visibility and knowing where your sensitive data is will make securing that data all the more easier as well as help meet compliance regulations such as PCI, NYDFS, HIPAA, GDPR and CCPA.
The traditional boundaries of the enterprise are disappearing. Data is everywhere, on the network, on endpoints and now in the cloud. Gaining visibility into your data flows is a vital first step to understanding which data is at risk for theft or misuse. Knowing what data you have, where is it located, and why it exists is a critical to properly protect it. This is why data discovery and classification is such a critical step to protecting your data.
Knowing what, where, and why of your data is an important foundation and the key outcome of your data discover initiative. Data classification for unstructured data (files) allows you to scale your DLP security solution. File tagging for unstructured data can be used across your environment from endpoints to shared drives which gives you visibility into data across all of your infrastructure so you can apply appropriate DLP policies.
Data discovery and classification for databases is just as important and sometime overlooked. Tools such as IBM Guardium allow you to scan your databases for sensitive PII/NPI data such as SSN, DOB, credit card numbers. Once discovered you can set up monitoring policies and integrate the alerts to your SEIM (QRadar or Splunk).
Benefits of Data Classification
- Increase awareness of the value and sensitivity of data
- Assists with compliance and regulations
- Reduce costs (protect, archive and store data only what you need)
- Prevents inadvertent and malicious data leaks
- Promotes compliance as a corporate culture (internally as well as to the auditors)
- Be able mask and encrypt sensitive PII/NPI data