Orchestrating data for a secure world

Complex data environments have encouraged as much Digital Transformation as they have opportunities for bad actors to exploit weak security. Molly Presley, Senior Vice President of Marketing, Hammerspace, offers advice on best practices for organisations to protect sensitive information and the importance of data officers.

As organisations embrace Digital Transformation, they become more reliant on data for core operations. Ensuring the security of digital assets and data becomes integral to maintaining Business Continuity. In response to these trends, organisations are placing a higher emphasis on data security and privacy. Data officers and security teams are collaborating closely to implement robust security measures, ensure data encryption, establish access controls, conduct regular security audits and train employees on data security best practices. This increased focus on data security reflects the growing recognition of data’s importance and the need to manage, protect and leverage data assets effectively in today’s interconnected, distributed and data-intensive business landscape.

Data officers play key role

The rise of data officers, particularly Chief Data Officers (CDOs), has been closely intertwined with the increasing importance of data security within organisations. Many organisations have been plagued by copies of data leaking outside the organisation or not being protected properly across different servers, storage and cloud systems. The challenge of ensuring all of an organisation’s data is managed, protected and archived according to compliance, ransomware protection and disaster recovery requirements is a daunting task.

The role of the data officer is expanding as organisations are paying more attention to storage, backup and data security to prevent data leaks. The data officer has become increasingly important in designing IT architectures that provide an audit trail that includes assurances on the handling of data copies as well as policies that ensure all global data is secured and protected properly.

Managing the security of unstructured data

Unstructured data has been relentlessly growing by more than 20% per year for many years, and International Data Corporation (IDC) estimates that upwards of 90% of business information is likely to be formed of unstructured data by 2025. Artificial intelligence (AI), scientific discovery, Machine Learning, Extended/Virtual Reality, autonomy and corporate video are just some of the industries driving the creation and volume of unstructured data.

The surge of unstructured data has resulted in an explosion of storage silos with a proliferation of storage classes across all price bands needed to accommodate such growth. Existing storage fills up or needs to be replaced and new use cases require different performance or need the cloud or other means of access. All of this adds complexity to an organisation’s IT management and makes it very difficult to ensure its data objectives can be met.

Unstructured data presents unique security challenges due to its diverse formats and sources. Data orchestration technologies can play a significant role in enhancing data security by providing a framework for managing, automating and controlling data workflows, processes, access and interactions. Implementing a global file system that spans across systems with a control layer that can be automated using intelligent, objective-based policies at the file-granular level is a critical tool in securing unstructured data. In this way, IT professionals can automate data protection, data placement and other services based on the business value of individual files or datasets using the system’s rich metadata (information about the data). This includes not only creation dates, modification times and file types, but also custom metadata tags such as department ID or compliance information that can drive policies.

Best practices

Securing unstructured data requires a comprehensive approach that addresses the unique characteristics of this data type. By implementing appropriate security measures and best practices, organisations can protect sensitive information contained within unstructured data and mitigate the associated risks. Here are some steps to take to secure unstructured data with data orchestration.

• Establishing intelligent policies – Orchestrating and managing data globally, regardless of where the data is today or needs to move tomorrow, is a key practice when securing data. Because data services can be applied globally across all storage resources and locations, the implementation of global control eliminates the need for IT organisations to manage multiple point solutions to migrate, protect, or perform other functions, as is typically the case in siloed environments today.

• Securing metadata – Unstructured data often contains valuable metadata, which can provide insights into the data’s origin, ownership and usage. While metadata itself might not contain the actual content of data, it can still reveal sensitive information and provide insights that could be exploited by malicious actors. Properly managing and securing metadata is important for maintaining data integrity.

• Centralising control – Data orchestration systems provide a centralised control point for managing data flows and interactions across various systems, applications and processes. This enables administrators to enforce consistent security policies and access controls throughout the data lifecycle.

• Access control and authentication – Data orchestration systems often include built-in access control mechanisms that ensure only authorised users and systems can access and interact with data. Users may be required to validate their identity using strong authentication methods before accessing data through orchestrated processes.

• Encryption and data protection – Data orchestration systems can facilitate encryption of data at rest and in motion. They can automate the encryption and decryption process, ensuring that data remains protected even as it moves between different systems and stages of processing.

• Consistent security policies – Data orchestration helps enforce consistent security policies and practices across diverse data sources, destinations and transformations. This minimises the risk of security gaps or inconsistencies that could arise from manually managing data interactions.

• Real-time monitoring and auditing – Many data orchestration systems offer real-time monitoring and auditing capabilities. This enables users to track data movement, transformations and interactions, making it easier to detect and respond to any unauthorised or suspicious activities.

• Automated compliance – Data orchestration can help users achieve and maintain compliance with data protection regulations by automating the enforcement of data handling and security policies.

Overall, data orchestration enhances data security by providing a structured, automated and centralised approach to managing data flows, interactions and security measures. It helps organisations mitigate risks, enforce security policies and respond effectively to security incidents in today’s increasingly complex and dynamic data environments.