One Article Review
| Source |  AlienVault Lab Blog |
|---|---|
| Identifiant | 8304762 |
| Date de publication | 2023-01-27 11:00:00 (vue: 2023-01-27 11:08:33) |
| Titre | Identifying and securing your business\'s dark data assets in the cloud |
| Texte | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The world runs on data. That has always been true, but the power of data has perhaps never been greater than it is today. We live in the great age of information — where a seemingly infinite repository of knowledge lies at our fingertips. But data is not, of course, only to be consumed for personal use. Indeed, the greatest impact of data is on the world of business. Data is the fuel that keeps the engines of enterprise humming. The truth, though, is that businesses, on average, use less than half the data they accumulate. The rest is lost somewhere in the ether, where it becomes so-called “dark data” that puts your customers, your employees, and your company at risk. What Is dark data? One of the most significant challenges in dealing with dark data is that many business managers, even at the highest level, don’t know what it is or how to manage it. That’s a problem because all companies generate tremendous amounts of dark data simply while doing business each day. Dark data refers to information collected through ordinary business transactions that does not serve a specific business function outside of the immediate transaction. It is information that is generated through ordinary business processes and remains even after its immediate purposes have been served. This information might include customer email or mailing addresses, phone numbers, or purchase logs. Because the data has no real business utility, it is often left forgotten, unorganized, and insecurely stored. And this is the true threat that dark data poses, because, even when it serves no legitimate function for your business, it can readily be exploited by bad actors for various cybercrimes, from identity theft to financial fraud. Finding and identifying dark data Understanding that dark data exists and is a problem is a necessary but not sufficient step in mitigating the risk. It’s also imperative that business leaders understand where to find it, how to identify it, and what to do about it. When it comes to finding, identifying, and managing dark data, your best strategy is going to be data mapping. With data mapping, you’ll be able to determine what data is being generated, when, how, and where. Tracing the sources of your data is often the first step in determining where it goes after it has been generated. This, in turn, enables you to locate all the once-hidden information that has been lurking around your network, particularly in the cloud. And that means you will be better able to identify which data points have eluded your cloud data management processes and related controls. Organizing and securing dark data in the cloud After you’ve found and accurately identified the immense repository of dark data that is likely clogging your system (and potentially costing your company millions of dollars in storage fees each year), it’s time to get organized. As we’ve seen, dark data can pose a significant risk to your network security and undermine your data security compliance. There is a great likelihood that much of this data is sensitive or private and should be secured but isn’t. |
| Envoyé | Oui |
| Condensat | “dark able about access accumulate accurately actors added addresses adopt after against age all also always amounts amplify analysis any appropriate are around article assets at&t authentication author average bad because becomes been being best better beyond breaches business businesses but called can challenges clogging cloud collected comes companies company company’s compliance consumed consumers content controls costing course critical customer customers cybercrimes dark data data data” day dealing determine determining disappear does doing dollars don’t each eluded email employees enables encryption endorse engines ensure enterprise especially ether even exactly example exists exploitation exploited fall fees financial find finding fingertips first forgotten found fraud from fuel function generate generated get goes going governance great greater greatest half has have hidden highest highly how however humming identified identify identifying identity identity theft immediate immense impact imperative include including indeed inevitable infinite information insecurely insider installing instance instituted invulnerable isn’t it’s its keeps key know knowledge layer leaders learning left legitimate less level lies likelihood likely limit linger little live locate logs lost lurking mailing manage management managers managing many mapping means measures might millions mitigating most much multifactor necessary nefarious network never not now numbers often omnipresent once one only optimize ordinary organize organized organizing outside particularly perhaps permissions personal phone points pose poses positions possess post potentially power practical private problem procedures processes proper properly protecting protection provided providing purchase purposes puts range rather readily real recognized refers related relatively remains repository responsibility rest result rigorous risk runs scope secured securing security seemingly seen sensitive serve served serves should significant simply solely somewhere sources specialists specific step storage stored strategy subjecting such sufficient system systems takeaway tech than that’s theft though threat threats through time today tracing trained transaction transactions tremendous true truth turn undermine understand understanding unless unorganized until use utility various views we’ve what when where which who will within workers world year yet you’ll you’re you’ve your |
| Tags | Threat Guideline |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.