Although organizations have secured endpoints, networks, applications, and online services to the best of their abilities, data is still lost or stolen every day. Traditional approaches to securing data—such as DLP and encryption—are falling short. These approaches assume that threats are primarily trying to get in from the outside, yet insiders pose as great, if not greater, threats to sensitive data. In addition, new data is always being created. It is “live”—being copied, changed, and shared as it flows nonstop through the enterprise. Where did it go? Who touched it? How? More important, why?
Insider threats, alarm fatigue, and constant enterprise change make it impossible to continually monitor and assess live data, and you can’t defend the unknown. The first step in data defense is knowing where your data comes from, its structure, content, purpose, level of sensitivity, and relationship to other data, users, and movement. This baseline knowledge is critical.