Monday, January 16, 2012

Data – The Ultimate Asset

Traditionally, business has looked at land, plant, building, machinery as assets that need to be protected and security thoughts have focused on fortification of the perimeter surrounding the assets. Business was about manufacturing, trading, services and then came the technology age... and life changed. Or did it ?

Unfortunately, businesses transposed traditional experiences into the technology realm thinking that firewalls, anti virus solutions, IDS/IPS and server hardening will protect the perimeter and life will continue securely. Computers became assets, but not data and it has taken a long time for businesses to realize their folly. While mature organizations have taken adequately appropriate steps, a majority continue to give lip service to their data assets.

And therein lies the error of judgment – it is easier to buy a new plant than to make sense of a thousand files with unstructured data. Data is the ultimate asset in the technology age and the dependency on IT systems is growing exponentially. At work we grapple with more information (data) than we can handle and one hoards relevant and irrelevant data. The data which we work on grows into multiple copies across the organization and, whether one likes it or not, dependency on data is absolute.

Business organizations, or individuals, cannot survive in event of non availability or loss of data and must accept that data is their most critical asset. It is essential to enable data security and manage this asset throughout the lifecycle using technologies that enable real time proactive protection.

Data security is critical for business in the manner that

• Confidentiality is maintained and data is not exposed, leaked, lost, stolen or compromised
• Integrity of data is assured and users know that it is not tampered
• And it is available at all times for uninterrupted business operations

Technologies like Security Incident and Event Management (SIEM), Data Loss Prevention (DLP), Information Rights Management (IRM) when deployed together in any organization, provide a high level of protection to the data assets and the organization has control on their assets while inside and outside their infrastructure perimeter. The SIEM will help monitor the network and alert against malicious activity, the DLP system will lock down assets from inappropriate access or transmission and the IRM system will provide the ability to remotely control document access rights.

No comments: