Perhaps the biggest concern nowadays for many organizations within the data world is all about security; more specifically, cybersecurity. You know, the more data that we have and store, the more that needs to be protected. However, protection strategies and securing data can differ depending on the different stages of data within any organization.
The Three States of Data
There are three basic states of data within any organization:
- At Rest — This involves data that is stored with high latency (low-changing state). Usually, this is any kind of historical data that’s stored in any system, no matter if it’s an application, a cloud database, or even cloud- or locally-stored files (Excel, on-prem databases, etc…). This is not necessarily data related to a ‘database-like’ shape; it’s any data stored somewhere (a report in Excel, for example).
- In Motion — This is data that travels from one place to another. Again, with a broad understanding, think about any data going from an application to a database — or emails, instant messages, phone calls, or any other kind of data that actually ‘moves.’
- In Use — This is data stored in memory for the usage of any application. Think about the data stored in the RAM memory of your computer when you open an email application, for instance.
My colleague, Chris Hughes, has produced excellent articles, videos, podcasts, and many other types of content covering this topic. I encourage you to explore it on the Cybersecurity channel. However, here are a few of my recommendations to protect the most valuable asset of any organization nowadays — which is data, of course!
Securing Data “At Rest“
The very first security measure to consider is something that’s often not seen in any cybersecurity manual: common sense. If you are going to store data that you will not use or analyze at any time, or you don’t know what to do with it, consider seriously not storing such data. Common sense.
There are people who may think, “Oh, this data is not very important; it may not compromise the company if is leaked, accessed, or blocked.” Any data is valuable depending on the context or the scenario. So, while it may not be relevant for one individual, it could be very valuable for another.
If you decide to store all data, consider doing it in a separate environment and limit access to certain individuals and profiles. Don’t let everybody in the organization have access to historical data. The more that access is granted, the more exposure there will be to threats.
In addition, consider the encryption of data at rest, as well as the right backups. This is very easy nowadays with the many cloud applications that we have available in the market.
Finally, educate users — especially those with access to data at rest — to keep the right security habits in place, especially focus on social engineering.
Securing Data In Motion
As data is in motion, the risks associated with this state are different. As in most cases, the transmission of data happens within systems. Therefore, cyberattacks are more focused on infrastructure and networks.
More focused does not mean that it is the only aspect to consider. Bear in mind that data moves from one place to another because there are typically humans who consume it.
Just to mention a few security measures with data in motion, security around the network and systems are crucial. Think about VPN (Virtual Private Networks), secured cloud environments, secured applications, and security around APIs. Make sure that the ‘interfaces’ that allow the traffic of data going in and out within applications and services are properly protected and secured, especially within a multi-cloud environment.
Not to mention setting up well-defined user profiles with different layers of security among systems, etcetera. There are many more recommendations, but my intention is to keep everything very simple for any business user.
Another great recommendation is to monitor user cookies and system logs. This may reveal important patterns and habits that can help IT professionals to enhance security.
Again, allow me to remind you of the most important element in terms of security: Educate the user who is operating the application(s) that bring(s) data from one place to another.
Securing Data “In Use“
Data in use is relevant to external parties, depending on the type of application and the activity of the organization. In this state, it is very important to pay attention to the applications and software used within the organization.
There is a lot of debate here, but sometimes going free and open source is better than using commercial software and applications. Other times, going commercial is better than open source. Either way, it’s critical to understand the application’s security measures related to data in use before it is deployed within the organization.
Monitoring system logs is very important in defining a system security strategy.
Final Thoughts
It is true that securing data in any state relies heavily on infrastructure, systems, software, and applications, but the most critical security element to consider is the user. The user is a human being. Each user is very different from another in behavior, knowledge, background, history, fears, and strengths. Harmonizing all of that is a big enterprise, but it needs to be done to maintain a good security standard.