Did you know that, according to Gartner Research, 12.5 billion was spent on perimeter security, 6 times more than what was spent on data security, which consists of encryption, tokenization, and web application security?
All of the security solutions that we design – take firewalls – have their roots in physical security. But unlike physical walls, the IT perimeter is not static. It has been proven time and again that this perimeter is porous, due to the constantly evolving nature of products, patches, and people. It is evident from the surging number of data breaches that attackers have far better weapons and absolutely no need to play by the rules to break the wall. Moreover, in the age of BYOD, perimeter security is necessary but not at all sufficient.
And so, isn’t relying only on perimeter security like living inside a security bubble, much like the famous Bubble Boy from Seinfeld? The “bubble” is a seemingly sufficient layer of protection to create a sterile environment around the subject inside. The moment it is burst, it exposes the poor subject to a world of threats.
There is a better way – instead of fighting the security battle from the periphery of the organization, can we protect the data from within? This starts with knowing exactly where your sensitive data is. Only when you know what to protect will you be able to protect it completely. This is the first step of formulating a sensitive data-centric security strategy so that the data can defend itself in case of an attack. This strategy starts from the center, where the data is actually stored: in databases, file systems, and file servers.
Once you know where your sensitive data is, you can protect it by masking, monitoring sensitive data access, and retiring inactive sensitive data.
This inside-out, sensitive data-centric approach allows the organization to depend less on perimeter effectiveness because its data is “immune”. That way, even if the bubble bursts, the data stays safe.