When confronted with the potential for data breaches, data owners and system administrators often consider first the most obvious angle of security: preventing individuals with malicious intentions from gaining access to data. But there are several facets that need to be accounted for to ensure that confidential data is not found in places where it shouldn't be.
By Yves de Montcheuil
Securing data from malicious attacks
Protecting data from hackers and other ill-intended individuals is often the first order of priority -- as it should be. The domain of IT security experts, it includes -- but is not limited to -- the deployment of perimeter protection technologies, the proper management of user accounts and permissions (including the deprovisioning of accounts when employees leave or change roles), and a wide range of intrusion detection measures that detect attacks and shut down access when needed.
Securing data from unauthorized access
Unauthorized access is broader than malicious attacks. It can be caused by poorly defined permissions that allow a user to access or query data they should not be allowed to access -- for example, a business intelligence user gaining access to HR or payroll information while analyzing sales performance. This type of unauthorized access creates less risk than malicious attacks, and can be partially alleviated through clearly communicated governance policies and reliance on the professionalism of users (i.e. having access to confidential data does not mean you will necessarily attempt to view it, let alone disseminate it).
Securing data from unusual extraction
Users may have access to certain data sets in the normal course of their business, but when they attempt to extract a vast number of records, is it because they need to process a historical report -- or because they plan to quit tomorrow and leave with the client database? Or maybe because they have been the victim of some social engineering scheme, or have had their credentials compromised? Identifying the boundaries of normal/expected behavior, and placing limits on what a user is permitted to do with data they use on a daily basis, is an important measure to prevent this type of situation.
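One way to turn "boundaries of normal/expected behavior" into an enforceable limit, as an added example that is not part of the original article: each user's export limit is derived from their own history, so a volume that is routine for one role is held for review in another. The sample history, thresholds and function names are all assumptions made for illustration.

```python
from statistics import median

# Constructed sample: rows exported per day by each user (not real data).
HISTORY = {
    "alice": [1200, 900, 1500, 1100, 1300, 1000, 1400],  # runs reports daily
    "bob": [40, 55, 30, 60, 45, 50, 35],                 # occasional lookups
    "carol": [200],                                      # new account
}
MIN_SAMPLES = 5        # assumed: history needed before trusting a baseline
K = 6.0                # assumed: tolerated deviations above the median
DEFAULT_LIMIT = 5_000  # assumed: ceiling for users without a baseline
HARD_LIMIT = 100_000   # assumed: absolute ceiling regardless of history


def daily_limit(history):
    """Return the row count above which an export counts as unusual."""
    if len(history) < MIN_SAMPLES:
        return DEFAULT_LIMIT
    med = median(history)
    # Median absolute deviation: one earlier bulk export does not inflate it.
    mad = median(abs(x - med) for x in history)
    # 1.4826 scales MAD to a standard deviation; the 10% floor keeps a
    # perfectly flat history from producing zero tolerance.
    spread = max(1.4826 * mad, 0.1 * med)
    return min(HARD_LIMIT, med + K * spread)


def review_exports(events, history=HISTORY):
    """Classify each (user, rows) export request as 'allow' or 'hold'."""
    decisions = []
    for user, rows in events:
        limit = daily_limit(history.get(user, []))
        action = "hold" if rows > limit else "allow"
        decisions.append((user, rows, round(limit), action))
    return decisions


if __name__ == "__main__":
    # Constructed requests: 9000 rows is under the default ceiling but far
    # outside bob's own pattern, which a single global limit would miss.
    requests = [("alice", 1800), ("alice", 250_000), ("bob", 9000),
                ("carol", 4000), ("dave", 6000)]
    for decision in review_exports(requests):
        print(decision)
```

A "hold" here is meant to route the request to a reviewer rather than block it outright, since a legitimate historical report will also exceed the baseline.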
Securing data from unintended use
The same data used in one context can be immensely damaging when used in another. A good data governance policy should make clear which data can be used in which context. It's not always easy, as many modern usages of data are by definition unplanned. In these contexts, the data steward must abide by the spirit of the policy, if the letter isn't applicable.
Securing data from unexpected dissemination
Source data is often as secure as it can be. But what about reports, extracts and other target datasets? How many stories have we read in the news about "a laptop has been stolen with x million confidential records on it"? Once the data leaves its home database, it will end up in emails, USB sticks, Dropbox accounts, hard drives, and other highly insecure places. In many cases, this will be because IT does not offer a convenient and secure way to transfer large files -- and so users figure out their own ways. Securing data extends all the way to the full IT infrastructure, and needs to take into account the habits and convenience of users -- but also establish clear guidelines that extend beyond simple data manipulation.