Setting the Foundation for Data Security and Compliance
In today’s data-driven world, managing data classifications and lifecycle across enterprise data has become critical for ensuring data security, compliance, and operational efficiency. The Target Operating Model (TOM) offers a comprehensive blueprint to transition data classification activities to a managed service, enabling better process flow, rule enforcement, and consequence management.
Understanding the Operating Model
An operating model depicts how an enterprise orchestrates its Information and Technology (I&T) capabilities to achieve strategic objectives. Essentially, it shows “how things get done” and ensures consistency across all data types, improving the quality, accuracy, and reliability of data classification.
Key Benefits
- Consistency: Ensures consistent application of best practices and standards across all data types.
- Integration: Enhances overall efficiency by strategically integrating with wider operations.
- Improvements: Drives continuous improvement and innovation, keeping the solution effective and relevant.
- Data Centric: Protects digital information from risks including unauthorized access, disclosure, modification, or noncompliance.
Data Classification is not Data Loss Prevention
Data classification is the process of categorizing data based on its sensitivity and importance, ensuring its proper handling, storage, and access controls. It involves tagging data to identify its level of confidentiality and regulatory requirements, aiding in efficient data management and protection.
On the other hand, Data Loss Prevention (DLP) is a security strategy focused on preventing sensitive data from being accessed or transmitted by unauthorized entities. DLP solutions monitor, detect, and block potential data breaches by enforcing policies that control data movement and usage.
Data classification is the most essential foundation for understanding and organizing data, an effective DLP depends on this foundation to safeguard against data leakage and ensure proactive control of security and compliance violations.
Most organizations have a DLP service organization but lack a data classification service organization which is skilled and dedicated to improving the reliability, quality, relevance and accuracy of enterprise data.
The Framework
Align
- Organization: Define business use cases related to sensitive data and ensure the TOM mission supports them.
- Legal, Compliance, Security: Align with IT, Integrated Risk Management (IRM), and legal to meet regulatory and organizational requirements.
- Partners: Identify partners and ensure strong communication around material changes to agreements, architecture, and technology roadmap.
Invest
- People: Invest in skills development, recruitment, and training of security expertise.
- Process: Implement processes that fit with the TOM and overall security operations governance model.
- Technology: Invest in a technology platform to enhance capabilities, solutions, and reporting.
Measure
- Data State: Establish targets to measure the % of data state managed with required controls throughout their lifecycle.
- Data Compliance: Create KPIs to quantify data compliance risks beyond sensitivity labels.
- Risk Reduction: % Risk reduction is key to conveying value to leadership and validating investment.
Operational Details
The blueprint includes discovering structured and unstructured data across multiple environments, automatic classification, and reporting of discovered unstructured data. Collaboration between Data Classification and IT platform teams ensures seamless integration of auto data classifications.
Supported Platforms
A data classification strategy MUST consider the following 3 technology dimensions as a minimum.
- Device Platforms: Windows, Mac OSX
- Applications: Power BI, CIFS, SMB, NFS/DFS, NAS/SAN, SPO – ODB, Exchange Emails, Cloud Storage, M365, Google, SQL/NoSQL Databases, 3rd party Apps, AWS.
- File types: such as Word, Excel, PDF, PowerPoint, Images, DBF, Compressed files, HTML, Text, XML, Binary, Email files in SPO, DB.
Governance and Operations
Governance Board
- Exec Champion and Chair, Convener, Policy Setting, Monitor operating model effectiveness.
- Data Governance Architects for Classification, Security, Retention, Audit, Analytics.
- Operations team for Policy Maintenance, Refinements, Technical Issue Management.
Invest in the Operating Team
- Planning, Design, Development, Testing, Validation, Refinement.
- Monitoring, Detection, Technical Issue Management.
- Data Classification automation, refinement, reporting.
- An operational process to integrate ‘Data classification’ operational incidents with Data loss prevention incident management for establishing a feedback mechanism based on incorrect classifications contributing to data loss prevention incidents.
Skills Planning
Data classification skills and mindset is different from Data loss prevention. Whilst both technologies are closely related, data classification skills require additional investments in engaging with business to identify data definitions and develop approaches to automatically discover and classify relevant data. Consider following guideline when deciding ‘Hiring Employees’ vs ‘Partnering with a Data Governance specialist like Infotechtion’.
Critical Activities
Evaluate use cases with data governance impact, capture data classification rules, implement policies, monitor data against policies, manage deviations, and educate users with ‘canned replies’ to work with classifications.
Incident and Escalation KPIs
- Number of Triaged Events escalated as Incidents.
- Triaged and Incidents by Source.
- Time to Return to Known Good State.
- Top Data Types contributing to Incident Declaration.
A Day in the Life of a Data Classification Triage Engineer
The activities are entirely different from a DLP triage engineer. For organisations investing in automation of data classification, a triage engineer is mostly focused on accuracy of classifications and work towards improving the coverage and accuracy of the data matching classification rules. These activities may also include addressing user concerns about classification labels, providing canned responses, and collaborating for broader communication. Monitoring, reviewing, and refining classification rules.
Conclusion
The blueprint for a target operating model to manage data classifications and lifecycle across enterprise data is comprehensive, ensuring consistency, integration, improvements, and a data-centric approach to security. By aligning, investing, and measuring performance, enterprises can safeguard their digital information effectively and adapt to evolving technological, regulatory, and organizational needs.
Infotechtion offers a complete managed ‘Data Governance Service’ to help organizations establish a highly governed data centric security framework. Take control of your information today. Whether you need expert advice, custom solutions, or guidance through information management challenges, we’re here to help you. Contact us at contact@infotechtion.com, to speak to one of our experts.
