Startups: Is your Data Protected?
Actionable steps to assess if your structured & unstructured data are secure
While it may seem that unstructured data is just a jumbled mess of useless information, in actual fact, it can be a treasure trove of sensitive data that just happens to be in an unorganized format. So you may ask, why is it essential to secure unstructured data? Or what are the benefits of leveraging it?
Before answering the question you are here for, how to check your structured and unstructured data, we need to answer a few basic ones. And while it may seem that you are wasting time with general definitions, trust me, you are not: it’s all part of the bigger picture.
Structured versus unstructured data: Pandora’s box
Experts say that “unstructured data is that which has no model or predefined format”. What this really means is that your unstructured data is anything that you have not stored in tabular formats. That’s right, any data that your startup has not input into excel sheets is unstructured data.
By now, you might be freaking out a little because you are realizing that most of your data is unstructured. And you have tons of it. To add to your anxiety, you know that your startup generates a significant amount of data every day, and it will only just get worse.
Text, images, videos, CCTV footage, IoT device data, edge computing data, sensor data, emails, and even all your social media data is unstructured data.
The problem with unstructured data is that it gets out of control very quickly and is challenging to keep track of, allowing it to be leaked, lost, or even destroyed. That doesn’t even speak to the fact that much of that data is useless and costs you money to store and maintain, yet unstructured data can paradoxically take you on a unicorn path to success.
But before you lose momentum and decide to drop off from reading this article to examine the state of your own unstructured data on social media, let’s jump straight into some helpful tips. Here’s the lowdown on how to secure your structured and unstructured data—step by step.
Step by Step: How to check all your data
Step 1. You have to identify what kind of data you’re even collecting. Don’t just tell yourself, “oh, it’s in my head, I know what we collect.” The simple way is to create a document that experts like to call a Data Inventory.
Data inventories can be extremely complex, but they can also be very simple, like a spreadsheet showing all the types of data you collect—your suppliers’ and customers’ emails or names or phone numbers, and then how you collect those! There may be situations where you collect a type of data, for example, names, in multiple places, and that needs to be recorded as well!
Once your formal Data Inventory is done, you can move to Step 2, and this can be surprisingly fun and revealing for your security. Document all the places where that sensitive data resides. You need to build an Asset Inventory of all the SaaS tools you have, all the S3 buckets that exist, and all the vendors with whom you’re sharing that data directly or indirectly. In simple words be exhaustive and honest!
If you get past step two, you can move to the next: Step 3. Figure out who the heck has access to all that juicy data and whether they SHOULD have access. Start cutting access like Game of Thrones kills off their characters…
Swiftly and unexpectedly.
Additionally, when you are doing the data inventory, don’t just look the other way when it comes to your IoT and edge computing devices or networks. Remember how we talked about Asset Inventory?
Data doesn’t just get stored in SaaS applications. It can get stored on hardware devices as well, which tend to grow legs and go missing.
Unfortunately, if you don’t have controls to wipe that asset remotely, you’ve now opened yourself up to lawsuits, fines, or at the very least, a big ole headache. Even IoT devices have memory chips these days and can be manipulated to connect to networks in order to wreak havoc well beyond that little Alexa puck sitting on your desk.
This is a straightforward, yet effective approach to start securing your structured and unstructured data. So you really have no excuse. Data integration strategies, integral data quality management frameworks, and data security are hot topics today. Why? Companies are trying to abandon centuries of gut-decision-making business models and struggling to become data-driven.
This means, that executives can no longer make the call on the next marketing campaign or the budget cuts to make during a recession, just because “it feels right to me”.. Yeah, that´s right, imagine making decisions actually based on data and not on your intuition and experience; that is a wild experiment. But it turns out that companies that do this are separating themselves from the pack and boosting their sales.
Data security: What to keep an eye on
When it comes to data security, there are several things to watch out for. However, the majority of breaches come from phishing and credential hacking. It is truly amazing; cybercriminals are not punching in any sophisticated code to hack companies. Why would they? After all, they only need one worker who will happily give them the administrative credentials. Memo: security awareness workshops organized by IT departments should not be optional, or the perfect opportunity for a nap.
The second thing to be on the lookout for is data encryption. Encrypting your data where in use, in transit, or stored, is the ultimate protection against ransomware. The beauty of encryption is that this feature is readily available across all major Cloud Service Providers without any additional tech or requirements.
You can enable encryption on data in transit leveraging TLS principles with the click of a button. Encrypting your data at rest is also just done with a click of a button, but it does require a little extra effort in terms of testing to ensure you don’t break your production environment in the process!
One button. Click it!
In the end, cybersecurity and data management approaches do not have to be so complicated to be efficient.
Taking an honest, hard, and deep look into all your data, where it comes from, where you store it, and how you use it will not only help you secure your organizations, but also give you a lot of insight into your business. Data is, as they say, after all, the new gold. So you might want to give it your best shot to track it and keep it safe.