Todd Feinman recently wrote an article for Dark Reading on the importance of understanding your data as a key component in protecting it. “Data Management Vs. Data Loss Prevention: Vive La Différence!” espouses the importance of a holistic approach to data security, one that begins with the understanding of where your data is and what is at risk.
“Cyber criminals have grabbed headlines for many highly publicized data breaches in recent years. However, the greatest source of blame for many of these incidents should be placed on the shoulders of organizations that don’t properly manage sensitive data."
Todd notes that many organizations do not fully understand data management, believing that DLP software is all they need. Todd lays out the definition of 'sensitive data management’ as “a strategy that incorporates people, process, and technology using technology that focuses on data discovery, classification, security governance, and protection.” This definition can include DLP, but is a more comprehensive understanding of data.
Todd lays out 7 steps for sensitive data management best practices, which range from defining sensitive data to understanding risks and making data owners accountable. Organizations that understand their data, and take means to protect it and govern its access, go a long way to preventing the loss of data as well as mitigating the consequences of a data breach, should it still happen.