Understanding Data Security Posture Management

Today, cybersecurity is a cornerstone topic of concern for most organizations. You don't have to look very far to find horror stories about data breaches, operational interruptions, and lost revenue. The blunt fact is that criminals are getting more sophisticated, and tools to get unauthorized access to data are becoming more widespread.

Unfortunately, many organizations are unprepared for an attack. In many cases, leaders lack visibility or awareness of the gaps in their organization’s cybersecurity in order to make intelligent decisions about how to better protect themselves.

This is not getting easier because, as the value of data increases, the number of motivated criminals who want that data also increases, in kind.

Data security is a complex, multifaceted topic that is not easily solved with just one tool. The overarching view and understanding is called data security posture management, or DSPM. This topic encompasses all the different solutions and techniques that modern organizations can use to better protect data and systems from attacks.

DSPM covers three main topics:

1. Knowledge: Do you know what data your organization has and where it is stored? For organizations that have a large legacy footprint, this knowledge of the data or visibility into the data may be obfuscated.

   
   

2. Classification: Do you know what data in your systems is confidential or sensitive? Not being able to articulate where sensitive data is may result in significant gaps in protection.

   
   

3. Protection: Are the systems protected? This is a broader topic because it examines whether your systems are appropriately set up to protect your data, and also whether your people have the right degree of training to know how to protect the data they're working with.

Instead of trying to boil the ocean and solve everything all at once, let's breakdown the issue of data security posture management into four simple steps you can take for yourself.

For many organizations, documents, also known as unstructured data, are a significant source of data. It is exceedingly hard to identify, catalog, and understand years of stored documents, which often results in mismanaged security. One strategy is to get this data into SharePoint online and then use some of the platform’s built-in protection features to plug holes.

When it comes to data security posture management inside SharePoint online for unstructured data, we look to Purview’s features to give us not only visibility, but also tools to fix the issue.

• Sensitivity labeling is a great way to build knowledge and classification of your data. Although that topic can go much deeper, simply applying a sensitivity label to recognize when something is confidential goes a long way towards data protection.

• While having your users decide is an easy way to use sensitivity labeling, automation may help speed up the process. Sensitive information types are available in Purview – mature pre-trained classifications that the Purview scanner will use to attempt to find your sensitive data across the repository. If data is found, a sensitivity label can be automatically applied to that data, thereby increasing its protection.

• Once the sensitivity label is applied either manually or automatically, we can then enhance protection using data loss prevention policies. This will ensure people can't take prohibited actions such as downloading or emailing sensitive data, ensuring the data stays within the protection barrier of your SharePoint environment.

• The other component of note is the behavior of your people. Increasing protection mechanisms will go a long way, but this is balanced by the behavior of your users. In Purview, you can create profiles of risky users using the insider risk management module. By turning this on and letting it run for a period, it will detect risky patterns of behavior to ensure people are flagged and potentially prevented from taking further actions.

This is only step one of the DSPM journey, and in many cases these steps alone will make a big difference. Even if you aren't worried about cybersecurity attacks, the other angle of DSPM is to make sure you are ready for AI. AI has power to get access to your data, train on it, and ultimately use it to respond to users. This may be a concern if the data is not properly protected and hence creates a different angle of internal threats.

Purview has a dashboard called DSPM for AI, which gives you a picture into whether you are using the appropriate tools in Purview to protect your data for use with AI. In preparing for AI internally, you're also addressing the external concern, too, so it is valuable to look at this dashboard, follow the beginning tasks, and kick off a push for better data security posture management across your organization to make sure you are ready for whatever comes your way.

If you aren't sure where to start, Cadence Solutions is an experienced provider of services to help organizations figure out what's next. We're happy to help you with an assessment to prioritize your next steps in the world of Data Security Posture Management to prepare for whatever tomorrow brings.