Technology trends such as personal mobile devices and cloud-based services are creating an explosion in the volume of digital data created and stored by both individuals and organisations. Gartner describes this human-generated and people-oriented content as “unstructured data”. In today’s IT environments this takes many forms: from business documents and email to images, videos and more. Reports calculate the rate of growth for unstructured data in modern IT environments is around 40 per cent year-over-year.
Such rapid growth has serious implications not just for current and future data management, but for IT security too. Up to 78 per cent of organisations have little or no understanding of what is going on across their unstructured data and file shares.
Yet without proper visibility into who does what and who accesses what, it becomes extremely hard to maintain security and control data access. As a result, the market for file share analysis technology to help organisations understand and manage unstructured data is growing rapidly. It is expected to reach $400 million by the end of 2017. Here are five key steps enterprises can take towards securing unstructured data and file shares:
- Assess security risks. With so much data, it is extremely important to define and prioritise risks to secure what matters most. Identify which data is business-critical and which is most at risk. Then find out where that valuable and vulnerable data is stored so you can allocate more resources to protect it. If you need to meet with any regulatory requirements, be sure any security measures taken comply with the corresponding standards.
- Optimise file storage. If left unmanaged, unstructured data can quickly become extremely costly in terms of storage. To optimise file storage space, critically evaluate your data to identify information that can be archived or permanently deleted, such as rarely used files, duplicate documents and empty folders. Removing unnecessary information will not only cut file storage costs, but also decrease the attack surface for bad actors and reduce the risk of overlooking critical changes.
- Use the least privilege principle. Rigorous control over access to critical data is essential to file share security. Determine what access privileges users really need, and limit their permissions to the absolute minimum required to complete their current tasks.
- Analyse user behavior. Without profound insight into user behavior, firms risk missing inappropriate or malicious insider activities. Studies reveal that employee mistakes or a deliberate abuse of privileges are behind 60 per cent of security incidents. Systems that allow administrators to maintain a close watch on what users do in the IT environment will help quickly identify suspicious activity (such as large-scale data deletions or a spike in the number of failed read attempts) that could indicate an attack in progress, so you can respond before it inflicts considerable harm.
- Review and update permissions regularly. As business processes change and employees shift roles and responsibilities within the organisation, user privileges need to be kept up-to-date in a timely fashion.
For optimal access control, you group membership and permission assignments should be regularly reviewed, along with any permissions assigned directly to individuals to ensure they stay in sync with business requirements.
No matter what security mechanisms an organisation has in place, there will always be risk of malicious activity by insiders or external hackers. In our customers surveys the vast majority of government departments admit that visibility into user activity is a vital part of keeping file shares secure. Without a clear understanding of what‘s going on in their IT environments, no one can be sure of keeping sensitive data under control especially when utilising powerful technologies like cloud.
The spread of BYOD has only served to make things worse. As more employees use their personal devices to access and share corporate data, so the organisation’s attack surface increases. The inability of IT to control the applications used by employees makes personal devices an area of significant risk.
Deep visibility into unstructured data combined with user behavior analytics can help them beat this challenge and mitigate the risk of data leakage by validating security policies, increasing user accountability, and detecting insider and outsider threats at early stages.
In summary, it is essential to remember that ensuring control over unstructured data is a never-ending process. All activities listed above have to be performed on a regular basis. Once all five steps are completed it is time to start all over again. Achieving the highest possible level of security requires continual monitoring for potential vulnerabilities and threats, combined with advanced protection with deep visibility and data governance to minimise the risk of data leaks.
Michael Fimin, CEO and co-founder, Netwrix
Image source: Shutterstock/alexskopje