Redouble your security efforts by focusing on the source—the data

Data is the lifeblood of your organization. Don’t put it at risk by concentrating on securing only the perimeter.


Data breaches are not theoretical: 72 percent of organizations said they had experienced a breach within the past year.

The ballooning volume of data flowing into your organization is both structured and unstructured, originating from an increasingly diverse array of internal and external sources. This data rarely rests as it fuels applications, feeds devices, and informs decisions. Traditional information security approaches focus on strengthening an enterprise’s infrastructure, but fail to adequately protect corporate data.

The June 2014 “State of Data Centric Security” study by the Ponemon Institute acknowledges this issue. It states that IT and information security practitioners around the world recognize their data security problem, but they are slow to act. They worry more about their inability to pinpoint confidential data than hacker threats, regulatory compliance concerns, and the risk of malicious employees. But while 79 percent recognize this as a significant risk, only 51 percent say securing data is a high priority.

Defend your data

You need to do more than just strengthen existing perimeter defenses for data centers, applications, and devices. Data-centric security strategies and controls provide visibility into who is using what information and whether the proper safeguards are in place.

Security expert Larry Ponemon, founder and chairman of the Ponemon Institute, says a data-centric security strategy requires a different way of thinking. “An analogy would be focusing on the molecules, not the whole body,” he says. “Think of each cell as a piece of information that requires a different orientation, set of tools, and skill set among security professionals.”

Minimize your risks

Secure your sensitive data by discovering, locating, and tagging it at its point of origin and then mapping it as it proliferates. This approach minimizes risks as data flows throughout your organization. And, this approach complements traditional information security procedures.

To get started, Ponemon advises organizations to:

  • Identify the gaps that might prevent you from seeing problems in real-time. A data security gap analysis can highlight how you can use automated tools to identify problems. Data security intelligence is a new category of software that provides the capabilities to analyze and visualize sensitive data. It goes beyond mere location, providing the details to understand true sensitive-data risk.
  • Evaluate which tools are truly necessary for your organization to mitigate or moderate data-centric security risks. Technology for security changes constantly. You should periodically reevaluate your approach to take advantage of the best set of tools.
  • Demonstrate the value of automated tools. There are ways to measure the economic and reputational risks of data loss, especially the theft of business-critical information. Make the case that automated tools can help mitigate that risk.

It takes skilled information security professionals to implement recommendations like those above; that’s what 58 percent of respondents in the Ponemon study said. More than half of the practitioners participating also saw two other ways to prevent data breaches: implementing effective data security technologies and instituting more automated processes and controls.

The notable thing about these issues is not that they are commonsense prescriptions. It’s the relevance of these actions to managing the risks of data today. Data breaches are not theoretical: 72 percent of the organizations participating in the Ponemon study said they had experienced a breach within the past year.

At a time when “data in the dark keeps IT practitioners up at night,” as the Ponemon report notes, you now know what it takes to get a better night’s rest.

For more information about visualizing sensitive data with Secure@Source, read the Detect and Protect: A Data-Centric Approach to Security white paper. 

Related content



Humana relies on Informatica Data Integration hub to personalize member plans and programs for increased customer engagement.


Security study finds 'depressing' gap between knowledge and action

IT professionals admit to understanding hidden data risks but are not investing in the automated tools to address them.


Keeping data safe: How to bridge the business/IT communication gap

Lacking an application data security strategy? Use these tips to foster a more balanced, collaborative approach to data security.


Less stress, more success: Engage with the business on cloud strategy

If the business is blocking your cloud deployment, your cloud strategy’s success may hinge on relationship skills.