Locating and identifying sensitive data, including defense-in-depth strategies where a series of mechanisms are layered to protect valuable information, should be a critical component of any cloud data security strategy, say experts at Aparavi, the company behind the award-winning Aparavi Data Intelligence and Automation Platform.
Data security refers to protecting digital information from unauthorized access, corruption or theft throughout its lifecycle. Cloud data security focuses specifically on protecting digital information “in the cloud.” With cyberattacks increasing in both sophistication and frequency, and regulatory requirements regarding the privacy of and access to data more complex (and fines more expensive), organizations need a better way to overcome the challenges of securing their data regardless of whether it resides on premise, at the edge or in the cloud.
CIO INFLUENCE: Ericsson presents a Green Financing Framework
Much of the data in the cloud is unstructured and highly vulnerable to cyber threats. Unstructured data can include anything from emails and FedEx receipts to sensor data and social media feeds. It often contains files with personal or sensitive information, like personnel documents, school records, credit card information, medical history and other personally identifiable information. With the exponential growth of unstructured data and increases in the number of users and devices generating, accessing and using it, the number of vulnerabilities and opportunities for attack have risen dramatically as well.
“Whether data resides on on-premise servers or in the cloud, no amount of cybersecurity protection will help if you don’t know what you have,” said Adrian Knapp, CEO and founder of Aparavi. “Thanks to data silos, shadow IT and other factors, many organizations don’t know where their unstructured data resides, what their unstructured data contains, who has access to it or how often it’s being accessed. To mitigate the risks associated with unstructured data – and meet compliance, data security and privacy requirements – organizations need to deploy IT security assets like the Aparavi Data Intelligence and Automation Platform to help them easily find and identify sensitive data in order to overcome threats in their cloud environments.”
CIO INFLUENCE: Apprentice Now Joins Amazon Web Services Training Partner Program to Deliver AWS Cloud Skills Training
Aparavi empowers organizations to find and unlock the value of their data wherever it resides, as well as mitigate risks and reduce storage requirements and costs. The cloud-based platform finds, automates, governs and consolidates distributed data using data intelligence and automation. Aparavi helps transform data into a competitive asset and makes it more accessible for data analytics, machine learning and other tasks. The platform also can clean data and archive it to off-site targets, such as public cloud or object storage-compatible targets, reducing customers’ on-premises storage footprint by up to 40 percent and making data less vulnerable.
The Aparavi Platform enables organizations to search across all systems to locate data, including unstructured data, wherever it exists. The scan results provide information about the data by location, owner, events, creation data, last access data, extension type and modification date. That information enables users to take a first pass at eliminating redundant, obsolete and trivial (ROT) data ─ anywhere from 25 to 80 percent of it. With less data to review, users can more quickly search for and access sensitive data.
The Aparavi Platform’s data actions feature can also be used to move or copy sensitive information into a storage target with limited access rights. The data can be moved to a specific location for data hygiene or special handling to meet compliance requirements. Users can be designated to the level of access they have to any sensitive data. Changes to sensitive data and permissions can also be tracked so that if a user copies, moves, deletes, renames or modifies a file containing sensitive data or PII, an alert will be generated so the action can be reversed if needed.
CIO INFLUENCE: PlainID Launches The PlainID Technology Network to Enable Identity Aware Security for Advanced Access Control
[To share your insights with us, please write to sghosh@martechseries.com]