– David Gibson, director of technical marketing and strategic sales at Varonis (www.varonis.com) says:
2011 was one of the most turbulent years for data owners in recent memory, and next year will be no different. In order to cut through the data jungle, we’ve identified four key areas that are poised to present challenges in the coming year – – secure collaboration, “big data,” data automation and insider threats.
Look for secure collaboration to go viral. Data will continue to grow at 50% year over year, digital collaboration will continue to be the core of every business process, and IT budgets will stay flat. Instead of losing complete control, 2012 will be the year data owners get involved – they will take back access control decisions from IT, demand automation to analyze data, make better decisions, and eliminate costly, ineffective manual processes.
“Big data” analytics will expand to include the biggest data of all: unstructured information sitting on file servers, NAS devices, and in email systems. Effective data governance requires harnessing the power of metadata through intelligent automation. It is not surprising that industry experts are now saying that the same kind of automation is necessary for more than good governance. In order to harness the power of big data, you’ll need to analyze and look for patterns in how and when these massive amounts of data are used, who uses it, in what sequence, and what it contains in order to effectively run a data-driven organization. It’s a widely known fact that the majority of big data in the enterprise is unstructured versus structured.
Organizations will start keeping track of their assets through automation and many IT departments will begin taking drastic measures, such as shutting down “at risk” servers or access to e-mail if the proper audit trails are not in place. More and more requests are coming from corporate users who have hundreds or thousands of employees to deploy our technology to understand data usage, data ownership, permissions optimization, and to identify and contain their internal threats.
In a recent high profile case, one organization used our software to catch an infiltrator who was operating as a contractor within their firewall. Another company recently enforced a policy of “no visible audit trail, no email!” Meaning, if the auditing is not available in their email system, they aren’t allowed to use email. Another large enterprise has also recently said that auditing has become so important that they are adopting the same policy on their file systems.
Internal threats will still be a major worry despite the demise of Wiki Leaks. When it comes to data loss, threats from inside the organization have become as dangerous, if not more so, than those from outside. In many of the security breaches in 2011, employees or contractors were able to delete or download thousands of files without raising concerns because often no one was able to determine what sensitive data they had access to and secure it before information could be stolen, view an audit trail of what they actually did access after the fact, and certainly not hear any alarms go off while the breach was in progress, when access activity was unusual.