07 Nov The data discovery challenge
One of the biggest challenges facing IT organizations is pinpointing the location of critical data throughout the enterprise. As businesses grow, data and its use grow exponentially. From personally identifiable information and customer information to trade secrets and data governed by regulations, much of this data is sensitive and critical to the business. It must be identified, monitored, audited, and protected from misuse and theft. The need to comply with regulations, meet auditor demands, and minimize data risk adds to the challenge. To meet these needs, the focus must shift to the data itself. Traditional security solutions that focus on the external threat are not the answer. Data-focused technology is required. Understanding where data is located is the foundation of a sound framework for assessing governance and compliance risk. Therefore, data discovery is a critical component of risk mitigation. While much attention has been paid to discovering data on laptops and other end point devices, a bigger problem looms within the data center. The same principles of data discovery must be considered inside the data center itself. This article explores data center data discovery. Typically, sensitive information is scattered across the enterprise. Regulations such as the Payment Card Industry Standard (PCI), Gramm-Leach-Bliley (GLBA), Sarbanes Oxley (SOX), and the Personal Data Privacy Act of 2007 require companies to protect data determined to be private. Customer information, employee information, and operational information can reside in databases and file shares hidden and unprotected in the data center.
SC Magazine, By Prat Moghe, November 5, 2008