What is data sprawl?
Data sprawl refers to the staggering amount and variety of data created by organizations every day. And it has become unmanageable. This is largely due to the proliferation of cloud apps, the variety of enterprise software, mobile apps, storage systems, and data formats each company relies on.
Data sprawl is here to stay:
- Your data may be stored in a variety of systems across your network and the cloud, as well as employee’s personal devices.
- Your data might be siloed, so that the same data is duplicated across numerous systems, based on formatting, department, geography, or some combination of these.
- Employees may be downloading copies to their endpoints in order to overcome security or network limitations.
- Cloud to cloud traffic- employees moving data between different cloud applications.
Security concerns that are magnified by data sprawl:
Non-Compliance: Data is much harder to keep track of when it’s dispersed across your departments. This puts your company at risk of noncompliance with industry-specific regulations like HIPAA, PCI DSS, and the Sarbanes-Oxley Act. Ideally, compliance regulated data is allowed to be stored and processed in certain locations, and by certain people, but in reality, it is actually being accessed much more widely.
Unknown locations: Every system that has access to sensitive data is a potential for cyber attacks. Without knowing all the locations your sensitive data is stored in, you can’t implement the right security measures for your infrastructure, your data and your employees. Is the marketing team using Dropbox, Asana, or other cloud apps for collaboration that may be exposing customer data? Are HR employees exporting reports from sensitive databases and uploading to a shared network drive that can be easily accessed by other employees?
Multiple copies: Multiple internal copies, and multiple people accessing those copies, increase the likelihood of data being leaked externally, and therefore the risk of data breaches.
Device Theft: A CEO storing intellectual property data on his/her unencrypted laptop and it is stolen at the airport. Do you have a BYOD policy for mobile phones?
Personal Unsecured Cloud: An employee accidentally uploading a design document to his personal dropbox instead of the corporate dropbox. We have all done this accidentally, or for convenience, or to speed our work.
Ways to manage data sprawl?
- Keep track of your compliance regulated data and the systems it originates from. Once data is exported from those systems, keep track of all the destinations it is getting to, and all the people accessing it.
- Identify the different types of intellectual property, trade secrets, or any information that would be of value to your competitors.
- Gain visibility into all the locations your sensitive data/Intellectual property is stored in, and all users who are accessing it, so you can make a decision around what type of security tools and processes to put in place. Once you discover all risky destinations your IP is going to, such as, unapproved cloud apps, personal cloud storage, external and personal email, external devices and more - you can start to determine how to reduce and mitigate risk.The first step may be to determine what security training is needed and for whom.
- Third-parties account for 42% of data breaches. Monitor all sensitive data that is shared with them and ensure you are not oversharing. In addition ensure they follow best practices that protect your data. There are several tools for assessing third-party risk.
- Understand the reason for this sprawl. Are there insufficient tools for employees in the company to use? Or is there a lack of approved corporate cloud storage apps? Are there employees purposely exfiltrating certain types of data?
- Track and focus on risky employees for HR review (for example- repeat offenders, departing employees.)
Based on answers to these questions, you can take appropriate action such as purchasing tools that increase productivity, and implementing acceptable data usage policies.
How does Cyberhaven help?
Cyberhaven automatically discovers all the locations your Intellectual property and client data is stored in. It alerts you when your data is getting to risky destinations, or is being processed inappropriately by risky users (such as departing users or repeat offenders). It allows you to understand if a data leak happened accidentally or intentionally so you can remediate appropriately.