Cybersecurity: data lineage at the service of data loss prevention (DLP) ?

 


Technical data lineage coupled with the detection of information uses makes it possible to know from any data, who finally accesses it, and in what context.



What if it's a big problem with real security information, a simple and effective answer for the prevention of data leaks/losses?


What is DLP (Data Leaks / Loss Prevention)? 

_______________________________________

“The term Data Loss/Leaks Prevention (DLP) refers to a set of techniques that identify, control and protect information through in-depth content analysis, whether the information is stored, in motion, or processed. The objective is to limit the leakage of sensitive data.


A DLP solution is able to identify sensitive data, locate where it is stored, control who should have access to this data and finally protect it, i.e. prevent any unauthorized person from having access…” Wikipedia


It is a major component of the world of Cybersecurity.

 

The major components of a DLP solution

_______________________________________

DLP solutions are disparate and generally do not provide the same answers. Nevertheless, they often have a common base that includes the following 3 features:


  • Management of output devices, for example blocking USB keys, etc.
  • A content-related component, preventing certain data from being copied to certain components.
  • A component relating to the rules: these are constraints in terms of printing, sending information by email, etc.

The limits of DLP solutions

_______________________________________

Companies spend billions on DLP!

According to CrowdStrike, spending is expected to reach over $6 billion by 2026.

Unfortunately, many companies don't see the return on investment they expect: DLP solutions have earned a reputation for being too difficult to implement and maintain, and they don't deliver the right relevance for all technological stacks concerned. They have also acquired the reputation of triggering false alarms, a shame!

Without replacing the Data Leaks Prevention solutions, the data lineage associated with the analysis of the uses of the information will make it possible to secure the sensitive data with regard to its deployments in the Information System.

Data lineage will also make it possible to know who is accessing it, while responding to a large number of other issues.

 

... But what is “data lineage”?

_______________________________________

Data lineage reveals the life cycle of data.


It aims to present complete data flows, from the sources to the exploitation of the data by the businesses. This includes all the transformations undergone by the data until their uses.


By combining the different data flows, data lineage makes it possible to establish a real cartography of the Information System. This map can be shared with everyone.




Data lineage in the DLP / Cybersecurity context

_______________________________________

In a DLP context, dynamic data lineage is combined with the analysis of data usage (via a log scan), to instantly know who is accessing this or that data. This can be access via dataviz tools, or even via a simple request to feed an Excel file.


Compliance teams can thus, from the simple entry of a data name in a search engine, know the uses that will have been made of it, and thus pinpoint potential uses that do not comply with internal rules!


The analyzes of the Information System taking place daily, the answers delivered will always reflect reality. And it is possible to set up alerts, by email for example. All that remains is to act!

 



 

Data lineage has a virtuous impact in other contexts

_______________________________________

Data lineage is a technical component of Data Governance or Metadata Management tools. It makes it possible to address countless use cases, of which here are a few examples:


Strategic data dependency: Good data keeps businesses running smoothly. All business units, including marketing, production, controlling, sales departments, etc., depend on data. The information gathered from research, the field, operational systems, allows organizations to be optimized and products and services to be improved. The granular information provided by data lineage helps to better understand the real meaning of this data, and allows to validate its quality.


Up-to-date data feeds: Data changes over time, new methods of data collection and agglomeration must be combined, and used by teams to create business value. Data lineage provides monitoring features that allow these flows to be reconciled, and to make the most of old and new data sets, in the Cloud or on Premise.


Data migrations: when the IT department must migrate data to new storage solutions, typically the Cloud, or even operate technical migrations from software to software, it must be able to map and define the life cycle of the data in its source system. Data lineage provides this information efficiently, making migration projects infinitely simpler and less risky. In addition, data lineage makes it possible to prioritize and segregate flows, to precisely organize migrations.


Data governance: Data lineage is a good way to provide reassurance in the event of a compliance audit, improve risk management and ensure that data is stored and processed in accordance with organizational policies and regulatory requirements. The best known being the BCBS239 text, the data component of Basel III which aims to consolidate risk reporting in the banking world, as well as all the underlying supply flows. The second, much better known, is the GDPR, the European regulation which aims to give individuals control over their personal data. Data lineage will prevent the anarchic distribution of so-called "personal" data

Conclusion

_______________________________________

Data lineage is becoming an essential tool for sharing the governance of large and complex information systems.


To work on Data Loss/Leaks Prevention, which is a key element of cybersecurity, it will be a valuable ally, as it is simple, efficient, constantly up-to-date, and inexpensive compared to most DLP solutions! Many other topics can be covered elsewhere.

 









www.ellipsys-bi.com 
ellipsys@ellipsys-bi.com


 

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

Migrer de Oracle à Postgre en automatisant le processus !

Image
    Migrer de Oracle à Postgre en automatisant le  processus, au forfait  ! De nombreuses entreprises quittent Oracle pour PostgreSQL   Oracle Database a la réputation d'être coûteuse en termes de licences et de support.  Cette politique de tarification peut rendre Oracle moins attrayante pour certaines entreprises. Bloomberg note une baisse des ventes de nouvelles licences chez Oracle. Baisse qui se perpétue depuis 7 trimestres.    En face, on a la base de données PostgreSQL,  qui est gratuite, que l’on peut modifier et distribuer, qui a la réputation d’être fiable et stable, avec une bonne gestion des transactions... Tous ces éléments la rendent appropriée pour des applications critiques où la cohérence des données est essentielle. PostgreSQL prend en plus en charge une grande variété de types de données, y compris des types géospatiaux, JSON, etc., ce qui la rend adaptée à la manipulation de données complexes et variées.     Postgre est maintenant la 4ème base de données la plus
Lire la suite

Sur-administrer une plateforme SAP BO simplement

Image
I- Introduction  _______________________________________ Courte histoire de SAP BO :  La Business Intelligence existe depuis 30-40 ans. Business Object, vient de souffler ses 30 bougies (1990). Pratiquement aux origines ! L’idée géniale des inventeurs :  rendre intelligible la donnée, et la mettre à portée de clic pour le métier.           Au départ, dans chaque entreprise qui implémente SAP BO, il y peu d’utilisateurs, mais très vite les plateformes sont dépassées par leur succès. Des Business Analysts viennent s’interfacer. La complexité, et même l’hyper complexité deviennent la norme. Et la confiance s’étiole. Les versions (BO 3.0…. 6, XI, XI R3, 4.0,1,2,3 …) se sont enchainées sur quasi 30 ans sans véritablement bouleverser le concept de départ même si la version Cloud (SAP Analytics Cloud) vient de voir le jour.    SAP BO vs « les tendances de marchés » : Le métier veut de l’autonomie, veut pouvoir jouer dans d’immenses « bacs à sable » de données, et obtenir des réponses instanta
Lire la suite

La Data Observabilité, Buzzword ou nécessité ?

Image
    La Data Observabilité,   Buzzword ou nécessité ?   La qualité des données utilisées dans les opérations quotidiennes a un rôle prépondérant pour les entreprises.    Une étude du Gartner de 2022 suggère que les "mauvaises données" coûtent aux organisations environ 12,9 millions de dollars par an.  Le Data Quality Hub du gouvernement britannique estime que les organisations consacrent entre 10 % et 30 % de leurs revenus aux problèmes de qualité des données, ce qui peut représenter des centaines de millions de dollars pour des entreprises de premier plan.  Dès 2016, IBM estimait que la mauvaise qualité des données coûtait aux entreprises américaines 3 100 milliards de dollars par an. ... Tout le monde souhaite s’appuyer sur des données intègres pour éviter des erreurs simples liées à des problèmes d’alimentation dans des flux, ou à des données mal organisées, répliquées, etc. Mais comment ?    Les techniques d' "observabilité des données" sont une option.     
Lire la suite