In this post we continue our series on data aware storage by looking specifically at what data aware storage can do for security and compliance.
The Importance of Data Awareness to Security
Organizations have invested in security technologies like SIEM, DLP, and IAM, but often still struggle to answer basic questions about their data, access rights, and user activity. And because they aren’t able to visualize and interrogate what they have in their storage in a meaningful way, they struggle to focus security where it matters. It's a major blind spot.
This blind spot can be more of a problem in the cloud. As organizations look to archive data in the cloud, the realization kicks in that many of their on-premises security investments won't apply to data in the cloud. That's why it is important, if you're looking at cloud archiving, that your cloud solution fills these gaps by providing data awareness and native security capabilities for auditing, search, role-based access control, data loss prevention, etc.
10 Examples of How Data Aware Storage Improves Security & Compliance
Data awareness provides continuous insights and early identification of risks. It gives security and compliance a comprehensive and persistent window into what's out there: the data, access rights, ownership, and user activities.
Here are ten examples of security and compliance insights from HubStor's data aware cloud archive:
- Most active items (by retrieval, by sharing);
- Activities performed by a particular user or group;
- Activities performed on a certain item or within a certain folder;
- Activities of administrative and privileged users;
- Shared items and their activity (i.e. what's been shared and by whom?);
- Unusual user behavior;
- Items that contain private / sensitive data (e.g. credit card numbers);
- Users that own or have access to items containing private / sensitive data;
- Users that have performed activity on items containing private / sensitive data;
- Users that have triggered DLP policies.
Here's a look at HubStor's security dashboard where some of these insights are graphically presented:
This security dashboard surfaces some of the 10 examples by default. Other insights come from interrogating HubStor's activity auditing history or by running data aware policies to generate your own custom insights (each policy automatically maintains its own analytics and can be viewed as a dashboard).
Conclusion
The data aware security advantage derives from HubStor's advanced object storage framework that combines identity awareness, flexible metadata, audit tracking, ACL synchronization, policy-driven content indexing, and a near-real time policy engine. While that's somewhat of a mouthful, you can see that different types of data are being related under the hood to surface contextual insights benefiting security and compliance, and making it easy to fine-tune DLP policies.
Data aware storage is a huge boost for security and compliance, but it only applies to data stored in the data aware repository. Most data becomes low-touch after just 30 days, so a data aware cloud archive is an ideal place to securely preserve most corporate data. Think of it as an active archive that users can easily access.
If you'd like to dig deeper into the security advantages of cloud archiving with HubStor, I recommend checking out our security whitepaper (email required to download).