The Data Lifecycle Management (DLM) goes through 5 steps: creation, usage, transport, storage and destruction. Most companies have parts of this lifecycle under control, but that means there are lots of areas for gaps in the control measures that could let a threat affect the data. The multiple part blog, (I am not sure how many parts it will take), will walk through the steps of the data lifecycle and what a company can do to implement a good process for all the data management challenges.
In the first part of this series, we covered what it means to say you have or want a data lifecycle management process. So why do we need something different from what we are already doing around DLM?
Why does traditional security not work for DLM?
Users have risky behavior. They will always have risk behavior and we rely on mostly technology controls to keep them in a secure box. Solutions aimed at the external threats coming in, not the regulation and governance of internal communications going out. Problems we see are typically:
Unauthorized application use: 70% of IT say the use of unauthorized programs result in as many as half of data loss incidents.
Misuse of corporate computers: 44% of employees share work devices with others without supervision.
Unauthorized access: 39% of IT said they have dealt with an employee accessing unauthorized parts of a company’s network or facility.
Remote worker security: 46% of employees transfer files between work and personal computers.
Misuse of passwords: 18% of employees share passwords with co-workers.
The reasons typical technology controls will not work in the full DLM process are:
1 Products are not geared to protect a full life cycle of a customer records
2 Most solutions and processes are outward facing, based on perimeter security
3 Encryption can affect data management
4 Real-time detection and remediation is rare
5 Context and intent of messages was not analyzed properly
6 Functional areas in organizations create different policies, monitoring requirements, enforcement priorities and reporting
7 New technologies can avoid security measures
8 Technologies look at the network, the operating system or the application not the data across all environments
9 Not mapped properly to regulations
What risks does customer data loss pose for organizations?
If we know that security is not working, what are the risks we face? Key things we need to consider include:
1 Penalties: Not complying with regulations can cause civil and financial penalties
2 Confidence: Loss of customer confidence because of a customer data breach can lose customers
3 Reputation: Damage to reputation will lose customer and damage relationships
4 Competitive Advantage: Information and customers can move to competitors
5Valuation: Decreased stock prices could result
There are a lot more options in this DLM problem that can be defined and addressed. More to come on this topic.