Data Security: How to move to a data-centric approach

others   |   
Published March 13, 2020   |   

Take a moment and think about some of the changes in computing over the last decade. The iPad debuted in 2010. Smartphones weren’t in everybody’s pockets yet. 4G was starting to branch out from major cities around the world. And we had only a taste of the Big Data.

The way everyone uses computers has fundamentally changed. It has redefined the role networks play in our lives. Employees are no longer limited to corporate systems and workstations to do their job. Students can connect to academic servers from any place on earth. The use of mobile devices, laptops, and tablets have now fostered the growth of the telecommute era.

It’s time for companies to embrace the data-centric approach. It’s the only way to adapt to technological advances and prime themselves for the changes to come.

What Does it Mean to be Data-Centric?

Data-centric refers to structuring architecture to make the data the primary assets. Applications and hardware may come and go, but data will be around and valid forever.

It goes against traditional approaches to data. Businesses aim for functionality when purchasing application systems. The problem is, each application has a unique data model that binds data with its own code. To change between data models and move between systems can be challenging. Millions of lines of code depend on the current model. And this is only the beginning. Moving into each system then involves thousands of different individual apps and attributes. Most of them may not be able to export data.

The data-centric approach flips this entirely. When using a data model, each application reads and writes data through a shared channel creating a database. With standard core terms, it’s possible to both use and edit applications as needed while accessing data.

The Challenges of a Data-Centric Approach

New technologies form the foundation of a data-centric approach. It makes it possible to use different methods of communication to share data via WiFi, cellular, and Bluetooth connections.

It creates new security issues while diminishing the classical notion of internal networks. With all these connection points, how do you track authorized and unauthorized users? After all, there’s now a more significant number of active users and devices operating on a corporate network.

Shifting to a data-centric approach needs organizations to focus on network tools and solutions. It moves away from the “fortress” concept of security. Instead, it translates into prioritizing security products to secure all network components. It includes both hardware and software.

Built for Data from the Ground Up

What valuable data do you have? How can you use it? You need to answer these questions as you set up your company network. It’s a more strategic and holistic view that requires recognizing the value of assets. This process is data classification.

From data classification, it’s time to assess where you locate data in the network, who uses it, and for what purposes. Then answer these data flow questions:

  • How does information travel the network from its origin to the end of its current utility?
  • How do you dispose of data when it reaches the end of its life cycle?
  • How do you distinguish between valuable and worthless data?
  • Is deleted data truly gone?
  • Who accesses data during the process? Does anybody control the data stream from start to finish?

Once you understand your assets, you can then begin applying the right accessibility and security control.

Adopting a Risk-Based Security Model

These underlying strategies are the inherent components of a risk-based security model. It better secures your network assets.

The five pillars of a risk-based security model are:

  • The value of both the data and the system you are trying to protect.
  • Risk. What harmful events like data loss or theft can result in unauthorized individuals having access to data?
  • Vulnerability. Weaknesses such as bugs, coding errors, and misconfigurations. Pretty much anything that attackers can exploit to harm your network and data.
  • Threats. Who are the threat agents that may want to target your network? How might they attack you? Will they use malware, or will they physically compromise your devices or office?
  • Countermeasures. How can you prevent attacks and defend your assets? Do you have the necessary tools like VPNs, firewalls, alerting, and monitoring programs?

To reduce risk, you need to:

  1. Identify the vulnerabilities in your environment
  2. Block and deter threats.

You cannot undervalue the importance of security countermeasures. If data is your top asset, then you need to safeguard it from both internal and external threats. Since so much of the data-centric revolves around remote devices, all devices need a VPN when accessing company resources.

NordVPN has the best reputation for both security and convenience. Using the latest encryption protocols, it ensures a safe flow of data throughout your network. Implementing it is easy too. Employees can leave it enabled at all times to maximize efficacy. It’s best to use it both a device and router-level to create a wide net of protection.

Aside from a VPN, other security tools are vital. More than anything, employers must encourage cybersecurity in both professional and personal settings. It is one way to digital safety of your assets.

How to Move to a Data-centric Approach

The data-centric approach is more strategic than anything. It’s taking these ideas and integrating them into your systems. You can think about it in these core areas:

  • Who: users, admins, developers, customers, and guests
  • What: laptops, smartphones, tablets, workstations, Internet of Things (IoT), and other remote devices
  • Where: wired and wireless networks (LAN, WLAN), virtual networks, cellular networks, and Bluetooth

Technology’s Changing Fast, but Data is King

Ten years ago, you could have hardly imagined what technology you’d be using today. Apps that have redefined everyone’s lives like Uber, Airbnb, and Apple Pay were barely in their infancy or non-existent. You can’t predict how technology will change in the next decade. But data will always reign supreme.

A data-centric approach drives your company into the future. Implementing it will take time, but it’s the best tool to position any business from long term growth and success. Review these strategies with your team to bring the best of the data-centric revolution to you.