Did you know that 80% of the data in your organization is unstructured data? Or so says IDC, “The Expanding Digital Universe”. Unstructured data translates to unorganized data leading to a higher risk of data loss. If you want to protect sensitive data you first need to know what data is sensitive and is not. To do this, here are the steps you should follow:
Step 1: Define your data classification policy
Step 2: Classify your data based on your policy
Step 3: Protect your sensitive data
So you have classified your data as sensitive and non-sensitive. Is that enough? Is your data then completely secure? The answer is ‘No’.
Merely classifying data does not help. You need to know:
- Who should have access to the data and who should not?
- Where is the sensitive data stored and how is it transmitted?
- Are there any risks in the process of storing, accessing, and transmitting such data?
Unless there is a context, answering these questions becomes difficult.
So here is the tip of the week: Data classification is crucial to data security. But don’t stop there. Do a Data Flow analysis and establish context, so that you can use it to protect your sensitive information.
It is so much better to keep sensitive information within the confines of your organization rather than on a hacker’s website, or even worse in the front page of a newspaper because of a security breach at your company.
Practice Head – IRAS, Aujas