copyright © 2014 stealthbits technologies, inc.. all rights reserved. | stealthbits technologies,...
TRANSCRIPT
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
STEALTHbits Technologies, Inc.
• The Unstructured Data Challenge
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. | 2
Who is STEALTHbits?
For over a decade, STEALTHbits has been a trusted partner to the world’s largest organizations, and some of the smallest too.
STEALTHbits is a “roll up our sleeves” organization that gets the job done – an important trait in difficult times when the stakes have never been higher.
300+ clients across 5 continents
5 out of the top 6 Global Financials
OEM’ed by Gartner’s Leading IAM platforms
Integrated w/ biggest names in technology
96% Customer Retention Rate 65% Techs
Self-funded since day 1
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. | 3
Premier Customers
Technology Partners
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
Agenda
• What is Unstructured Data?• Why should Unstructured Data be at the top of your
list of security concerns?• What challenges are you going to face in trying to
secure your Unstructured Data?• What can you do today to begin mitigating your risk?• What should you be thinking about tomorrow to
control access to Unstructured Data permanently?
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
What is Unstructured Data?
• Technically Speaking– Data that lacks a defined structure, unlike
structured data that fits into the traditional database row and column paradigm
• Non-Technical Translation– “Human-generated” Data– Documents, Spreadsheets, Presentations,
and other data types that reside on File Shares, in Collaboration Portals (i.e. SharePoint) on Desktops and Servers
White Paper Download
‘Getting Unstructured Data Under Control for Security & Compliance’
- Randy Franklin Smith
www.stealthbits.com/rfs-getting-unstructured-data-under-control-white-paper
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
Challenges•Understanding risk exposed by insider access to data
• Establishing business data ownership to ensure proper access oversight
•Gaining full insight to how access is granted to all organizational data
Impacts
Rogue Barclays employee uses access to defunct line of business data to sell customer info for profit
Hospital employee accesses hundreds of patient records even though they weren’t under their care
Improperly configured access leads to massive data breach
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
Unstructured Data - What You Know
Unstructured Structured
80% of an organization’s data is unstructured (dark data)
There is a lot of it
650% growth predicted in next 5 years
It is growing fast Security is critical
30 - 40% of that data is sensitive
Sensitive Non-Sensitive
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
Unstructured Data - What You Don’t Know
•Ownership–91% of organizations lack a
process to determine data ownership
•Who has access to what?–76% of organizations are unable
to determine who has access to their data
• The Risk–Audit & Regulatory Fines • SOX/PCI/MAS
–Sensitive Data Leakage • Brand damage
– Inability to Execute• IAM / IAG•DLP
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
Access Today
Windows File Systems
EMC/Isilon & NetApp NAS
SharePoint
NFS & UNIX
Active Directory &
LDAP
NIS
Local Users & Groups
SharePoint
SharePointWindows File
Systems
Windows File Systems
Windows File Systems
Windows File Systems
Windows File Systems
Windows File Systems
EMC/Isilon & NetApp NAS
EMC/Isilon & NetApp NAS EMC/Isilon &
NetApp NAS
Local Users & Groups
Local Users & Groups NFS & UNIX
SharePoint Admins
AD Admins
UNIX Admins
Helpdesk Admins
Business Data Owners?
• Access has grown organically with the infrastructure
• Granting access is a matrix operation
• No one knows the whole story
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
What has IAM done for Unstructured Data?
• Focus on applications–Connectors are king
•With unstructured data, there is nowhere to connect–Scale of the problem too large–Too many file stores
IAM
HR
ERP
Data?
CRM
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
What can you do today?• Discover where Unstructured Data Exists– Close the door on Open Access• Open Access Remediation (File Shares & SharePoint Sites) • Identify your Local Administrators and recertify their access
• Clean-up your Mess– Active Directory Clean-up• Stale Groups, Users, Computers• Toxic Conditions (Circular, Deep-level, Improper Nesting)• Attribute Incompleteness
• Find the data that poses the greatest risk– Sensitive Data Discovery• Compliance data, PII (Customer and Employee data), Trade Secrets, etc.
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
What should you be thinking about tomorrow?• Understand where Active Directory Groups have access– Determine whether or not they still need access– Transform your Security Model (Resource-based Groups)– Assign Owners/Data Custodians
• Put a Data Access Governance Program in place– Integrate Unstructured Data with Identity & Access Management platforms– Perform regular Entitlement Reviews– Implement Self-Service Access Requests
• Monitor Activity – Understand how access is changing and who is accessing the data– Track Anomalies and/or Suspicious Activity
Copyright © 2014 STEALTHbits Technologies, Inc. . All rights reserved. |
Request a Trialo www.stealthbits.com/trial
Learn Moreo www.stealthbits.com/resources
Ask Us a Questiono www.stealthbits.com/company/contact-us
Attend a Demoo www.stealthbits.com/events