Data Security: The End Game

Data security is a hotbed of activity and stands to be a huge growth area in the next decade.  The world is rapidly changing and with the explosion of social media, data is becoming more at risk than ever before.  Users and organizations are beginning to realize the need for new, comprehensive, flexible and robust data security.  Sadly, such solutions are just not available yet.  In fact, in industry is still trying to define the end-game of capabilities which should be part of future data security services.

I have been blogging about the shortcomings of data security and provided some thought on how the industry must evolve.  In that spirit, here is my future wish-list of functions the data security industry must embrace and combine, in order to fully realize the value proposition of data security.

  1. Solution must seamlessly integrate with how users work and help them to classify and characterize their data

  2. Extend security services to platform and endpoints where data is consumed, created, and managed.  This includes servers, clients, smart phones and handhelds, portable storage devices, cloud services, and virtual machines

  3. Enable data owners to search for their sensitive data across the enterprise

  4. Educate and reinforce good security behaviors and corporate policies with the user community in timely and relevant situations

  5. Allows users to make some risk decisions for their data while providing guidance and tracking accountability

  6. Help users comply with data retention timeline policies

  7. Facilitate users ability to securely destroy data

  8. Provide mechanisms to easily share and send data securely outside of the organization

  9. Provide the structure for users to easily understand and manage who has rights and permissions to access and possess their data.  Including the ability for revocation, replacement with current versions, or destruction of their protected data on other users systems within the enterprise

  10. Provide tagging and cluster functions for users to easily find all their data related to a topic, keyword, project, or person and then manage the security functions for that collection or group

  11. Secure the data from unauthorized exposure in transit, storage, and while in use<

  12. Protect data from unauthorized editing, tampering, or destruction while in transit, storage and during use

  13. System must trigger and report when corporate policies are being violated and be able to interdict at the time and place of incursion with the flexibility to either block actions or engage the user for override authorization (tracked with acknowledgement of policy)

  14. Support electronic discovery actions to locate and copy data required by legal request

  15. Learn and remember nuances of specific users to better reduce false positives for the previously stated capabilities

In all fairness, some of these capabilities are currently available in a piecemeal manner.  Most of those lack maturity, scalability, or efficiency.  To satisfy future needs, we require a comprehensive solution which properly combines all these critical areas.  Such a package is necessary to empower users and organizations to easily manage and protect their data and aid them in complying with corporate policies and evolving regulatory requirements, in a cost effective and sustainable manner.

Published on Categories Archive
Matthew Rosenquist

About Matthew Rosenquist

Matthew Rosenquist is a Cybersecurity Strategist for Intel Corp and benefits from 20+ years in the field of security. He specializes in strategy, measuring value, and developing cost effective capabilities and organizations which deliver optimal levels of security. Matthew helped with the formation of the Intel Security Group, an industry leading organization bringing together security across hardware, firmware, software and services. An outspoken advocate of cybersecurity, he strives to advance the industry and his guidance can be heard at conferences, and found in whitepapers, articles, and blogs.