The Data Lifecycle

The reality is that you could be spending as much on securing the lunch menu as you are on protecting your customer’s data – Chris Farrelly, General Manager at HANDD.

From the moment of creation, your data sets sail on a journey. The second it sets sail, it becomes a liability. It costs you money in storage, and poses a risk if it falls into the wrong hands. With a thorough understanding of the lifecycle of your data, you have the power to effectively manage your data, minimising risk and reducing cost.

Where Classification plays its part

Modern Data Classification solutions enable the automation of many data management tasks and enhance the performance of third party solutions that read metadata applied during the classification process. This metadata can determine how a piece of data should be treated through each stage of its lifecycle.

Data classification can really ease the load when it comes to handling your data, but it can also enhance the security of your data, and improve your compliance.

The journey of your data

Data creation

Data enters organisations in a number of different ways. It could be supplied by a customer, acquired during a merger, or gathered through a research project.

Data Classification requires users to classify data at the point of its creation to determine how this data should be treated throughout its life. Once classifications have been selected, they are added to files in the form of metadata, and visual cues that remind users of their classification status.

Data classification software can make classification quick and easy with classification toolbars sitting seamlessly within regular software such as Word and Outlook.

Storage and legacy data

35% of IT professionals are kept awake at night by how to store their data securely. (HANDD survey 2017 )

With so many data storage options, it can be difficult to decide which way to go.

Then when you’ve decided where each particular type of data should be stored, how do you ensure everyone follows this policy?

Data classification makes these processes simpler, taking the onus away from users. Once your data has been tagged, your company’s policies around where to store different types of data can be automatically applied, triggering any other downstream protection that should be engaged to protect that particular data file.

So while the office Christmas party memo will be sent for storage in the Cloud, the blueprints for your latest ground-breaking product will be automatically sent for encryption before being stored in your highly secure private server.

And, with more of us switching to Cloud storage, your data classification solution can take the headache out of ensuring your sensitive data is handled correctly in a migration project.

Data access

One of the best ways to protect data is to ensure it’s only accessible by those with the correct permissions. Data management systems screen access to classified data, only permitting access to those with the correct authority.

Identity and Access Management (IAM) solutions can be used to understand the roles and responsibilities of each individual within an organisation. Organising individual user permissions en-masse and using a secure area controlled by logins, it can ensure the right users have the right access to your data. So, your VP can wade through financials whilst your sales assistant is limited to seeing data for their own territory only.

Meanwhile, UEBA (User & Entity Behaviour Analytics solutions) will ensure that any unusual user or entity activity is spotted early, preventing user-driven data loss.

Sharing and collaboration

Security enhancement with data classification goes beyond who can access your data. It extends to how it’s shared, who can share it, and how long it’s accessible for. Particular classifications can be set to trigger downstream protection solutions to ensure your documents are only shared with those with permissions to receive them.

But what about protecting data on the move? The use of MFT alone to securely send data around the world can leave you with a security blind-spot. Whilst you know your data is secure as it moves to the recipient, should your recipient be receiving it?

Classifying data enhances your Managed File Transfer solution, eliminating that blind spot. Using data classification tags, your MFT solution can check the permissions of the recipient with your Data Loss Protection software. Then, if permitted, it’ll send it on, encrypting it en-route using MFT if required and leaving a comprehensive audit trail in its wake. Meanwhile, those documents heading for an unauthorised destination will be stopped in their tracks.

Data being sent somewhere by man behind a desk with a map on the wall (like an incident control room) to another man with MFT as his name card on his desk. MFT picks up the red phone and dials DLP to check if data can be sent. DLP confirms. IRM confirms, DLP shakes his head, MFT guy pushes big red stop button.

Archiving and removal

85% of data we store is redundant, obsolete or trivial. Source: Veritas (Source only for reference, not inclusion. https://www.veritas.com/news-releases/2016-03-15-veritas-global-databerg-report-finds-85-percent-of-stored-data)

The trouble is, manually retrieving obsolete data and deleting it is more labour intensive than storing it. However, storing data costs money and isn’t always secure.

As data volumes continue to increase, the storage and ongoing management of obsolete data becomes increasingly costly and more burdensome to manage. File retrieval can become like looking for a needle in a haystack, taking up more and more of your precious man-hours.

Data classification enables files to be time stamped to facilitate deletion after they’ve been held for the requisite length of time. Other metadata can be used to help us determine obsolete data that can be removed to ensure that zombie data doesnn’t perpetuate, putting your data security at risk.