1.9 Billion Records Exposed – A Taxonomy Could Have Come in Handy
Only 918 reported data breaches led to a whopping 1.9 billion records being exposed, as of September 2017. I would expect the number to rise, although not dramatically, I hope. Compared with the last six months of 2016, the number of lost, stolen, or compromised records increased by 164 percent. On a daily basis, valuable identity information is flying out of the control of firms – more than 3,500 records per minute.
Why does a taxonomy come in handy? Well, it does depend on the type of breach that occurred, but a taxonomy can solve the problem in the identification of PII, PHI, and even organizationally-defined confidential information.
Data loss prevention (DLP) works in somewhat the same way, except DLP typically works with pre-defined descriptors, such as social security and credit card numbers. The problem is that DLP does not work in real time, so exposed records can well remain exposed records until someone does something about them. In the Microsoft environment, OneDrive for Business is a culprit, as end users can willy nilly load documents, records, and confidential information into the cloud. The other problem with DLP is that it is time consuming.
Enough trashing DLP. A taxonomy can be created that creates the nodes for any personal information or confidential information. If you have auto-classification, all the documents will be classified, if they contain the descriptor you specified. If you want a workflow, you can remove the content containing the vulnerability from search, move it to a secure repository, prevent download, and notify the appropriate people. Best of all, it can run in real-time, without bogging down any environment.
To me, it’s sort of a no brainer. How about you? Would a taxonomy for the identification of personal and confidential information be of value?
Our webinars also address the topics explored in our blogs. Access all our webinar recordings and presentation slides at any time, from our website, in the Recorded Webinars area, via the Resources tab.