Today’s business world is driven by data, enabling employees, contractors, partners and vendors to communicate. But if this data is not protected, an organisation’s reputation and finances can be damaged. Some of this data – like financials and personally identifiable information (PII) – is priceless and requires special handling to mitigate the risk of data breaches. Here Paul Trulove, CPO at SailPoint delves deeper into the topic.
In the digital age, protecting sensitive organisational data can’t be achieved with physical security alone. Smart organisations leverage well-known processes and tools such as identity and data access governance solutions to help manage who has access to the sensitive information stored in structured applications like mainframes and databases come into play.
Unfortunately, structured systems are not the only place where sensitive data is stored. Unstructured data, or data stored in files outside of structured applications and databases, is a growing problem for organisations. In many cases, unstructured data started out as structured data in an application, but was then moved by an end user into a more convenient format. For example: an employee on the finance team is reviewing financial data pulled from an internal database and, to make it easier to share with his fellow team members, he exports it to Excel and uploads the file to a corporate Dropbox account. Using this example, it’s easy to see how quickly data can move from secure, controlled environments to unsecured locations.
So how can organisations protect sensitive data no matter where it resides? By taking an integrated approach to governing access – across all applications and file storage systems, organisations can keep structured or unstructured data safe. There are three steps to this integrated approach:
While protecting sensitive data can feel overwhelming, identity governance can give organisations the solutions they need to address sensitive data in the enterprise, while making sure to balance security with convenience.