DDoS Attack

How Devices Outside the Data Center are Requiring a New Approach to Data Protection and Governance

Add Your Comments

Internet-connected devices like smartphones and laptops have expanded our capabilities and enabled us to work more remotely than ever before. In many ways, we’re no longer tethered to old IT devices and practices. But the decentralized, cloud-based tools that have transformed the way we work pose new security challenges that didn’t exist when data was under close watch within a data center.

Contrary to a centralized data center where data protection and governance can be strictly applied, a typical organization may have critical data spread across a data center, external clouds, PC hard drives, and a myriad of portable devices.

Druva is one company that has emerged with solutions for endpoint data protection and governance including online backup, secure file sharing and data analytics. It’s focus is on making sure that data is not lost or stolen from the edges of the cloud – typically a variety of internet-connected devices such as smartphones, tablets and PCs.

Addressing the “Weak Link” in Data Loss

Druva CEO Jaspreet Singh calls the edge a “weak link” that can lead to data loss, and that about 28 percent of total enterprise data is on the edge.

“It’s much more dangerous because it’s the last node,” he says. “These devices are not protected. There’s a lot of variety that is growing. And also any damage control on a leakage scenario on these devices – the control and visibility is much less.”

Of course, these devices on the edge are not only potentially providing more points where data can be accessed, but also driving the creation of more data beyond the walls of the data center – much of it unstructured.

“More and more data is going unstructured,” Singh says. “There has to be a deeper logic to potentially archive it or govern it or do an e-discovery on it. There’s going to be a whole lot of technology changes to take care of unstructured data growth.”

Building Better Policies

Rather than locking down devices using hosted operating systems or otherwise blocking the capabilities of these devices (and their users), Singh says companies are “better off building processes around data.” That’s where Druva comes in.

“We make sure any data you create on the device is already captured, pushed back to the data center or the cloud, and then you build logic and policies around discovering that information, protecting it, wiping it, encrypting it, backing it up and exposing the entire semantics to an e-discovery process.”

Addressing endpoint data can seem overwhelming, but it’s an inevitability given that many of the data tools and capabilities are available to employees on their various devices, and these devices are generating and storing much of this data. Just like in the data center, it’s important to have visibility and control over the data stored across an organization’s various devices both inside and outside the data center.

Attempts at embedding Information Rights Management in files over the past few years haven’t had a huge impact, however, controls could come in the form of reactive controls in which users update their policy in response to access requests, proactive controls where security is embedded in the document itself, and insight into data usage patterns that could identify security holes.

Understanding What Data is Important and How it Relates to the Organization

Not only does having access to data usage information prevent unauthorized individuals from having access to data, but it also helps find conflicts between different user groups that have access to the same data, and identify what data isn’t being used.

Singh says that Druva customers are starting to ask, “Has a set of data has ever been used or accessed?” If the data isn’t used, the company then has to decide if they need to archive it for future use, or retain it for legal purposes.

This distinction between active and passive data can help a company make decisions around cold and hot storage, different SLAs, the life cycle, and more. It all relates to having visibility into the data generated, and how this data relates to an organization’s functional and legal requirements.

As more data is being generated every day from smarter and more connected devices, sophisticated methods of classifying and dealing with this data is something that many businesses need to deal with before the next data-loss incident occurs.

Add Your Comments

  • (will not be published)