By Sridhar Muppidi and Sandeep Patil
Data has emerged as the crown jewel for every organisation. Most modern-day cyberattacks revolve around data, making protecting enterprise data via a holistic and comprehensive data security approach a prerequisite. Further, as Indian businesses prepare for a new era in data protection with the Digital Personal Data Protection Act 2023 rollout, data security and privacy have never been more critical.
The following key concepts must be understood and incorporated to formulate a comprehensive data security strategy.
- Discovery: The ability to discover sensitive data across all the structured and unstructured data sets, including the network. Data discovery will enable comprehensive classification and risk-based protection of business data.
- Protection: Ensuring the protection of sensitive data via encryption and using key management with secure key storage and rotation policies. Data protection also includes access management to data, as well as secure backup of the data.
- Detection: The ability to detect data misuse via continuous monitoring and techniques like risk analytics, user behavior analytics, or other advanced analytics, followed by alerts on violations.
- Response: The ability to respond via incident or case creation with comprehensive tracking. The response also includes creating dynamic playbooks and orchestration or automation abilities for prompt responses, including actions over multiple systems.
- Compliance: The ability to comply with industry or government regulations, which include reporting, logging, and auditing, as well as data retention policies.
- Governance: Governance requires data security policies at the organisational level that define data sensitivity/classification and map it to the required data protection. Resiliency of such data and the ability to recover them when needed are also critical elements of governance.
Also read: Unlocking the power of data security for accelerated business growth
A holistic solution encompassing the above concepts leads to a cyclic ecosystem continuously improving an organisation’s data security posture. The data security solution should also include the integrated use of various security technologies like Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Data Loss Protection (DLP), Identity and Access Management (IAM), Intrusion Detection and Prevention Systems (IDPS) to enable comprehensive security to identify, protect, detect, respond, and recover data.
Storage Infrastructure and Data Security
Every component in the overall IT stack needs to participate in the data security paradigm, particularly enterprise storage systems. Storage systems (on-premises, on-cloud, or hybrid) are home to all business data and are essential in enabling the data security considerations mentioned above. As a result, there is a need for storage systems with targeted cybersecurity functionalities that can be integrated with the overall security ecosystem. Some of the critical functionality include:
- Cyber Resiliency: Fortifying storage systems to withstand, adapt to, and recover from disruptions while maintaining the confidentiality, integrity, and availability of data. Cyber resiliency also includes auditing, monitoring, and the ability to recover promptly from cyber threats or incidents, encompassing strategies such as backup, redundancy, and rapid response mechanisms.
- Data Classification and Tagging: This refers to the classification and labeling of sensitive data based on business requirements.
- Encryption: This includes data encryption for data-at-rest, data-in-motion and data-in-use with key lifecycle management best practices.
- Data Masking and Redaction: Masking or redacting sensitive information as per business needs should be possible.
- Access Control and Authentication: Implementation of role-based access control and adaptive multi-factor authentication.
- Threat Detection: The ability to have inbuilt threat detection capabilities (such as for ransomware) and to complement these via SIEM integrations.
- Secure Deletion: Ensuring no data remanence upon data deletion is especially important when managing sensitive customer data.
- Security Ecosystem Integration: This calls for tighter integration with the security ecosystem and capabilities such as SIEM, SOAR, DLP, IAM, IDPS, Antivirus and Antimalware, and Firewalls.
In conclusion, a comprehensive data security strategy, including discovery, protection, detection, response, compliance, and governance, is essential. Data security encompasses the entire IT stack associated with the data lifecycle, where the role of storage infrastructure is pivotal, requiring functionalities that integrate with the broader security ecosystem.
(The authors: Sridhar Muppidi is IBM Fellow and CTO at IBM Security Software & Sandeep Patil is Master Inventor, IBM STSM. Views expressed are the authors’ own and not necessarily those of financialexpress.com.)
