High value targets are resources that would be of great interest to people who should not have access to them.
These might be folders containing compensation information, the email
mailbox of the CEO, or the database containing the credit card numbers
of your customers. Knowing where that data is stored, used, and
transmitted is a critical first step in making sure that you are doing
your job as a security professional. Then align your security
investments with protecting those high value targets.
Before you go off and undertake a high-priced data classification and
discovery project, please speak with your business leaders and get them
to tell you what is important and where it is located. Then utilize
your existing security tools to track activity to those assets.
Track high value targets with a SIEM. In an ArcSight implementation
this can be done with asset categories and active lists. In the
unstructured data world, the Varonis DatAdvantage suite gives you the
ability to flag and tag these resources so that they can be easily
identified, and special reports created to protect them.
Make sure that you have access provisioning and entitlement review
processes in place to ensure that you are following a least privilege
model. If you have 20 system administrators who have access to the
compensation folder, that is a PROBLEM.
Only when you have the basic blocking and tackling in place should
you can move up to the advanced class and start talking about data
discovery, data classification, and data loss prevention solutions.
Focus on what matter to the business! Protect the high value targets.
No comments:
Post a Comment