Issue link: https://read.uberflip.com/i/1034423

Contents of this Issue


Page 0 of 4

Securing Data-at-Rest in Files, Folders and Shares: Building a Sustainable Framework - White Paper 1 Data growth is accelerating faster than ever before from the increasing prevalence of IoT devices, big data analytics and the general use of technology. As a result, more data is being produced, processed, and ultimately stored on file servers than ever before. This data can take many shapes from e-mail archives containing intellectual property to database files that hold payment cardholder information. Increasingly, this data lives dispersed in file servers across an organization and across locations rendering oversight difficult. Growing volumes of valuable data motivate an increase in attacks that do not discriminate between businesses or government, or the size of the organization. These attacks target data and sensitive personal information or intellectual property and are becoming more prevalent and more severe. 1 Successful breaches are costly as fines, reimbursements and the damage to the victim's reputation can be significant. Today, data security is no longer optional for organizations, it's required. What are the drivers for data security on file ser vers? Organizations face threats ranging from privileged insiders abusing their position, to malicious outsiders infiltrating a network or nation states looking to steal IP. While attacks can have many goals, often the target of these attacks is information that resides in files living in a folder or on a network share. 2 Though organizations have a financial and existential interest in securing their data, for many, it's the specter of compliance that prompts the adoption of better security practices. Paradoxically, as the number of well publicized breaches increases so too does the pressure on lawmakers to tighten the very regulations that organizations dread in the first place. The per vading assumption amongst security professionals is that strengthening the network perimeter is sufficient to keep data safe. Yet threats can appear in many forms and organizations must think beyond the perimeter and consider a wide range of vulnerabilities. Perimeters are an impor tant par t to the security strategy, but they are ineffective once an attacker is inside the network with access to many or even all of the files stored in its ser vers – as proven by the United States Office of Personnel Management (OPM) breach of 2015 3 . The vulnerabilities that organizations face include: > External threats: Nation states, competitors, criminals and hacktivists are highly adept at evading organizations' perimeter defenses. > Remote backups: Shipping data to offsite backup ser vices or disaster recover y sites places it beyond the oversight of the administrator putting significant volumes of information at risk of loss or theft. > Malicious employees: Employees can take advantage of broad access and steal sensitive data while on the job. For example, system administrators' access privileges put them in a position to use their technical exper tise to access, steal or corrupt sensitive data throughout the organization. > Inadver tent data leakage: Administrators and employees can make mistakes and expose data by storing it in the wrong location, accidentally bypassing manual security policies, or inconsistently adhering to existing policies. WHITE PAPER Securing Data-at-Rest in Files, Folders and Shares: Building a Sustainable Framework 1 "While 2015 might not have had as many headline-grabbing data breaches as the previous year, it certainly saw a continuation of the large-scale assaults that have made cyber security a top priority for senior business executives and boards of directors at many companies– Breach Level Index Annual Report 2015 2 "Third party evidence shows that the over whelming focus on external attacks and insider abuse is to gain access to sensitive data stored on file and database ser vers." – Gartner, "Develop Encr yption Strategies for the Ser ver, Data Center and Cloud." 3 http://arstechnica.com/security/2015/06/epic-fail-how-opm-hackers-tapped-the-mother-lode-of-espionage-data/ CRYPTO FOUNDATION UNIFIED DATA PROTECTION PLATFORM

Articles in this issue

Links on this page

view archives of Encryption - secure_data_at_rest