Partners – “Detect and Protect” Strategies for Data Security
This year’s Informatica World was truly eye opening. Thanks to the amazing participation and feedback from our partners, our teams walked away with incredible learnings about their growing successes and opportunities. And as underscored by Rodney Foreman in a recent blog post, Data Security stood out as one of the hottest topics.
Having received many requests from partners wanting more education on our data security offerings, I decided to take a deep dive into this ‘top of mind’ and relevant discussion. Using the questions raised by Rodney, I highlight below how partners can solve for clients, as well as support Informatica resources available to do so.
Visibility to Data Across the Enterprise
My customer lacks visibility into what data needs protection: That is, what’s sensitive, where it is, who has access to it, and where is it going?
A common issue around sensitive data is that it is spread across the enterprise from a variety of data sources and spread across many places, resulting in poor tracking and governance. Businesses are unable to effectively identify, measure and prioritize sensitive data risks. As companies grow, the problem compounds; data is cobbled together utilizing inefficient Band-Aid tactics and data security threats worsen.
In fact, Gartner analysts agree and state that, “data security governance and the orchestration of data security policies across disparate data silos and platforms will be critical challenges for organizations during the next decade.”
Take, for example, a large financial services firm we work with. Audits showed they lacked appropriate visibility into Personally Identifiable Information (PII) located in unexpected places, such as social security numbers in CRM note fields and/or phone number fields, making this type of data a major challenge to track. With Informatica solutions in place, this information could be discovered and tracked– alleviating concerns about visibility, risk and access to sensitive and personal information.
To help firms like the above implement effective risk management, we work with Partners, leveraging a variety of Informatica solutions. Secure@Source, for example, specifically identifies where sensitive data resides, the consumption of this data, enabling location visibility, as well as insights into risk and the proliferation of sensitive data, to deliver complete visibility to enterprise CIOs, CSOs, CFOs and any person responsible for data security.
Data Breach Mitigation
When a data breach occurs, it typically takes hundreds of days to detect it; even longer if it’s an insider threat. How do we speed that up?
Anomaly detection, which identifies high risk usage of sensitive data, is not only key to mitigating data breaches, but is critical for quickly recognizing when a problem occurs. With machine learning and AI solutions that detect abnormal behaviors, as well as high risk users and data stores, full-blown crises can be diverted!
For example, imagine an engineering intern’s daily usage increases from 1 MB to 100 MB, signaling an issue. An anomaly like this is rarely identified, let alone communicated to management, without intelligent detection and alerts in place. In this case, we would again recommend Secure@Source from the Informatica portfolio. Through its visibility into risk and anomalies, 360 degree view of sensitive data, array of dashboards, and reports and alerts it can speed up breach identification and orchestrate a response– putting businesses at ease.
My customer doesn’t know where to start remediation once a breach has occurred. And, what’s the right method of protection?
First, it is critical to have a strategy in place to proactively prevent data risks. Furthermore, your customers need the ability to resolve a data breach if and when it occurs. Policy-based detection and automated remediation is vital and must be applied to data wherever it exists, from Dev, Test, Production, Legacy Applications, Data at Rest and in Motion, Cloud, and Big Data.
For example, battle-proofing sensitive data with de-identification and de-sensitization products reduces the chance of compromised security. Informatica’s solutions around dynamic and persistent Masking are one way we offer orchestration of data security measures for limiting and preventing sensitive data access. What’s more, it blocks, audits and alerts for staff who access this information ensuring compliance with security policies, and industry and civil privacy regulations.
With the above remediation strategies in place, it’s likely your customers will be able to identify and correct problems before they result in unfavorable situations.
How You Can Drive Solutions for Your Customers
Every day we learn more about the needs of our partners who are driving data security strategies across enterprises, large or small– and we’ve built enablement tools to ensure you’re successful. We encourage you to leverage the sales tools and marketing programs.