Data is the backbone of any enterprise, yet its increasingly complex needs—such as for speed and scale—threaten to destabilize entire infrastructures. Taking a data-centric approach for identifying and mitigating risk while optimizing visibility is the key toward strengthening this backbone, not breaking it.
Leila Jacob, senior solutions engineer at OneTrust, joined DBTA’s webinar, Discovering and De-risking Sensitive Data, to discuss how data discovery can surface crucial data insights while driving context to encourage a truly data-driven business approach.
According to Jacob, data is sprawling at an unprecedented rate, spanning velocity, volume, and variety. As data sprawls and exists in a variety of redundant, duplicated, and siloed locations, bad actors seek to capitalize on this disparate data environment. The threat that cyberattacks pose to an organization—both in brand and security implications—make how data is managed a critical component of today’s enterprise.
On top of data’s increasingly heterogeneous existence, similar initiatives are being carried out in silos among different enterprise teams. Processes related to privacy, security controls, and metadata cataloging are being executed by a variety of different roles, resulting in wasted effort, inefficiencies, duplicated data, and security challenges.
Jacob explained that visibility and validation are at the forefront of making proprietary data formidable instead of feeble. Visibility and validation solve for these challenges:
- Security, identifying and de-risking sensitive data and monitoring controls and risk
- IT, ensuring resources are properly utilized
- Privacy, complying with global privacy laws
- Data Governance, enriching data catalogs and streamlining stewardship
By centralizing architectures around understanding the what, why, where, and how of data, as well as initiating focused automation, enterprises can control data drift and enable fact-based decisions.
How can enterprises get started on their visibility and validation journeys? Jacob offered these key questions to think about to jumpstart this approach:
- What data do I have?
- Where is it?
- What is the purpose for having this data?
- How effective are my data controls and policies?
- What is the most impactful fix?
Jacob further explained that enterprises should prioritize the following to reduce overall risk:
- Locate and inventory sensitive data (What sources contain my most high-risk data? Do I have sensitive data stored in systems outside of governance policy?)
- Automate remediation (What processes and policies do I need to use to reduce risk? Automatically apply and enforce them at scale across all of your data.)
- Report progress and risks to stakeholders (Communicate risk reduction and process improvements to the business.)
For an in-depth review of how to drive data visibility and validation in an organization, featuring examples, statistics, and a Q&A, you can view an archived version of the webinar here.