Many conversations surrounding cybersecurity tend to be focused on securing infrastructure, centering on reducing the potential for bad actors to breach systems and networks. Data-centric security is an approach related to zero trust that prioritizes the protection of the data itself, as it is a sensitive and powerful asset for organizations. There are a number of steps and layered measures that come into play when building a data-centric security strategy, as data requires protection from many different risks. Data loss prevention (DLP) is one part of the equation that can contribute to an organization’s efforts to protect its data against attacks and other threats.
Defining Data-Centric Security
The distinguishing factor in data-centric security is a particular focus on protecting data throughout its lifecycle, as opposed to fortifying an organization against infrastructure risks. A data-centric security strategy involves a variety of tools and practices working toward the end of understanding, managing, and protecting sensitive enterprise data. The data-centric approach places the security of actual data assets in the spotlight rather than taking the traditional route of implementing solely infrastructure-based security measures and solutions.
Data-centric security is necessary to fill in certain fundamental gaps in data protection that cannot be addressed by traditional infrastructure security. These gaps include:
- Behavior: Human error poses a major risk to data security.
- Visibility: Organizations can lose track of data and who accesses it after it is shared outside the company.
- Control: Maintaining control over data throughout its lifecycle is a significant concern for organizations.
- Response Time: New security tools or policies are difficult to quickly adapt to.
While data-centric security is interconnected with zero trust security, they are not one and the same. The additional factors beyond data that come into play with zero trust—users, devices, applications and workloads, network and environment, automation and orchestration, and visibility and analytics—are important considerations as part of a solid zero trust security approach. However, the data security aspect of zero trust is “central to the model” and the other pillars work largely to effectively secure enterprise data.
Many different approaches to data-centric security exist, all centered on the goal of securing data organization, governance, and access. Not all organizations will be able to benefit from implementing the exact same tools or measures in an effort to protect their sensitive enterprise data. Some of the most fundamental and crucial tenets included in many data-centric security strategies include data encryption, access controls, data classification, data governance, data monitoring and auditing, and data loss prevention.
The Role of DLP
When it comes to data-centric security, an effective DLP solution can be a vital part of a company’s security strategy. The purpose of DLP is to prevent sensitive data from leaving an organization’s network. While different DLP solutions achieve this aim through different means—e.g., monitoring outbound traffic versus monitoring data at endpoints—all of them are focused on protecting data against loss or leakage by detecting suspicious or risky behaviors related to the data.
Notably, many modern DLP solutions include specific measures to prevent insider threats, both malicious and accidental. Whereas non-data-centric security approaches often focus on keeping outsiders out, data-centric approaches must account for the possibility that users inside the organization may intentionally or unintentionally leak, damage, or destroy data. DLP technology can monitor behaviors that may lead to the loss of sensitive data, such as insiders sending files to the wrong recipient, and block the action or warn the user.
DLP solutions have been rising in popularity as more and more organizations realize the importance of having measures in place to protect against unauthorized exfiltration of sensitive data. As the presence of cloud data and hybrid working environments has grown over time, the need for DLP has become abundantly clear to many businesses. Even organizations that do not employ specific DLP tools are increasingly “demanding robust DLP solutions” and including “DLP-like functionality” among the tools they do implement.
Historically, there have been challenges with implementing and maintaining DLP in a way that is both effective and nondisruptive. Organizations have had trouble managing their DLP solutions, with IT and security teams getting bogged down in false positives, detracting from their ability to successfully protect against real threats. However, some modern DLP solutions—and solutions that include DLP functionality—utilize more advanced technology and tactics such as machine learning and data lineage in order to optimize the accuracy and efficacy of DLP tools.
Data-centric security is a matter of approaching cybersecurity from a standpoint of protecting valuable assets from a variety of threats, rather than simply defending networks and systems against external attacks. With a security strategy that is focused primarily on protecting sensitive enterprise data from being mishandled, organizations can prevent a wide range of consequences, from traditional threats like hacking and phishing to malicious insiders and accidental leakage. Many factors must be considered when building up data-centric security, and a good strategy will layer a number of tools and measures in order to secure data. DLP can be an effective solution for organizations to implement as part of a robust data-centric security strategy.