As more and more companies seek to obtain and maintain vast treasure troves of personal data and outside forces seek to steal this very information, the need to secure this business intelligence takes on greater urgency.
Much of the focus among IT and marketing departments is how to organize and utilize the Big Data that is coming in from a wide variety of sources. Often times, this focus on what a company can “get” out of having this precious information overshadows the need to “keep” this data safe and secure.
An informative article in PCMag highlights the Top 10 Best Practices for securing Big Data, and even includes a link to 100 important moves to make in securing data but, for the sake of this article; we will highlight the top 4 areas of concern. Consider this a Mt. Rushmore of Data Security For Business.
In the George Washington position is the need to secure non-relational data, transaction logs, and data storage. Attacks in these areas are common and having the tools in place to thwart or repair the system after the fact is critical.
Key steps in accomplishing this include encrypting passwords and establishing end to end encryption using algorithms to ensure data security.
In the Abraham Lincoln position has to be endpoint filtering and validation. An organization needs to use a mobile device management (MDM) solution in order to assure they are using trusted certificates and connecting only to trusted devices. An example of this solution is Entrust Datacard, which integrates with Enterprise Mobility Management platforms to allow organizations to deploy and leverage strong identities for mobile devices.
In the Thomas Jefferson spot is the need to preserve the privacy of your data. The two pillars of maintaining control of your data are implementing techniques like differential privacy, and storing encrypted information in the cloud.
As for 4th spot on the Mt. Rushmore of Data Security, the Theodore Roosevelt, is the need to constantly audit your information and systems. As cyberattacks and infiltrations become more complex and varied, the need to investigate and prevent these incursions grows as well.
Audits should be done after an attack and the information gleaned from that audit should be stored separately, to avoid the hackers getting the info on the fix to their previous attack.