Security Advisor Middle East|February 2020
Held annually every 28th January, Data Protection Day began in Europe in 2007. Two years after, the US and Canada followed suit and launched the Data Privacy Day. With the aim of raising awareness and promoting privacy and data protection best practices, the event is now being observed by individuals and organisations across 50 countries worldwide.
In an increasingly digitised world, data is becoming more and more valuable. Today, businesses rely on data to identify new opportunities for growth as well as to improve the efficiency, services and products that are, ultimately, aimed at benefiting their consumers. With data protection growing into one of the major priorities of our time, we spoke to industry experts about the best way to protect data, as well as predictions regarding the direction data privacy in the future.
BRIAN CHAPPELL, DIRECTOR OF PRODUCT MANAGEMENT, BEYOND TRUST
Success in data protection projects is predicated on a solid cybersecurity foundation and a structured approach to what is being protected — without a solid foundation, data controls will be open to abuse.
Not all data are equal, and some data will require more protection than other data. Try to keep the classification of data as high-level as possible with only a handful of labels — Highly Sensitive, Confidential, General, and Open. Having only a few ‘buckets’ makes it easier to achieve the actual task of protecting the data and enables organisations to avoid getting paralysed with the task of classifying data. Bringing data together into their respective classifications can also make initial protection much easier. Appropriate protection for each classification will go a long way in avoiding impacts to productivity. Highly Sensitive data should and will be harder to access than Confidential data and that will be harder than General data (this is data where release has very low impact or actually due for public release in the mid to near term). Ensuring the protection is appropriate will reduce friction for day-today activities – there will be fewer users reporting that the controls impact their ability to do their jobs, but sensitive data will be fully protected.
In parallel, closing the obvious gaps in areas like vulnerability management, privileged account and sessions management, privilege elevation and delegation management, and identity and access management will ensure that the common routes for malicious users to steal data are addressed before you look to control access for legitimate users. Of course, making sure that stakeholders are addressed and engaged throughout the process will help in delivering an efficient and effective data protection mechanism that meets, or hopefully, exceeds their needs and expectations.shared and how it’s protected; and assess risks to data and prioritize investment in data protection.
GARRETH SCOTT, MANAGING DIRECTOR, CREDENCE SECURITY
Companies must be able to identify, combine and manage multiple sources of data. More importantly, business leaders must possess the muscle to transform the organisation so that the data and models yield better decisions.
It’s essential for organisations to have protection for wherever the data is located and integrated. Data travels across many platforms and devices from computers to mobile phones and from social media to the cloud. So, it’s important to provide protection on the endpoint, network, cloud, and for Windows, Mac, and Linux.
You can read up to 3 premium stories before you subscribe to Magzter GOLD
Log in, if you are already a subscriber
Get unlimited access to thousands of curated premium stories and 5,000+ magazines
READ THE ENTIRE ISSUE