& Security

The Complete Guide to Data Security by

Every day, the world generates approximately 2,500,000 terabytes of data.

Not all of this data is of equal value. Most of it consists of logs and reports, which is useless to everyone except the data owner, who might use it for analytics and diagnostics.

Hiding among this mass of data, however, there is some extremely valuable information. Classified corporate information that would give rivals a competitive edge. Personal data that can reveal someone’s identity. Payment details allow for seamless cash withdrawals.

Cybercriminals will do anything to obtain this information. It’s up to data owners to stop them.

Oscar sage
Most valuable forms of sensitive data
  • Login credentials
  • PII (Personal Identifiable Information)
  • Classified corporate data
  • Payment information and credit card details
  • Financial records
  • PHI (Protected Health Information)
  • Personal Data as defined by Europe’s GDPR
  • Staff records
  • Education records
  • Biometric data
The cost of data breaches

A data breach is any exposure of sensitive data to an unauthorized party. Such parties can include hackers, rogue employees or any person who isn’t authorized to access the data.

Dealing with a data breach is expensive. IBM estimates the average recovery cost at $3.86 million. This figure includes immediate restorative action, as well as loss of business and reputational damage that arises from losing customer data. Regulatory fines can push this figure even higher. In 2017, Equifax received a world-record fine of $575 million for a data breach that resulted from a missed Apache update.

Data breaches can also cause real human suffering. Over 650,000 people experienced identity theft in 2019, and many of these cases were directly linked to data breaches. When a customer provides you with their private data, they’re trusting you to keep them safe.

When is data most at risk?

Data can be in one of three states: in use, at rest or in transit. Each of these states has its own level of risk.

What it means State What’s the risk
The data is in the memory of a production system. This could be an automated system, such as an eCommerce module, or a user-facing system like the CMS. In use Unauthorized users may be able to capture this data. If hackers can obtain credentials, they could log in and steal information.
The data is stored in a data repository, such as a data warehouse. This may be on-premise or in the cloud. At rest Unauthorized parties might be able to access unencrypted data repositories and backups. Data warehouses need to be integrated with other systems, or crucial data may not be available when needed.
The data is moving from one location to another. This could be synchronization between systems, or a user accessing a remote system. Transit can be in-premise or across the internet. In transit Hackers can intercept unencrypted data as it moves between locations. If a user is on public wi-fi, they may be especially vulnerable to attack.
The basics of data security

In this guide, we’ll look at how to develop an effective data security strategy. The key elements to bear in mind are to:

  1. Management buy-in to support a security-first culture.
  2. Create a data security policy.
  3. Understand your compliance requirements.
  4. Categorize your data according to sensitivity.
  5. Control access to data.
  6. Use a trusted ETL partner to protect data in transit and during transformation.

If you’d like to learn more about how can protect data in transit, you can jump ahead to chapter six.

Continue reading
Chapter 1
Developing your Data Security Policy