The What, When, Where and How of Unstructured Data Security and Access

According to e-Week, more than 80 percent of organizational data is unstructured residing everywhere: file servers, NAS, SAN, portals, mailboxes, the cloud, the data center—you name it, it’s all over the place. In the wrong hands, this information could expose merger and acquisition plans, competitive intelligence, proprietary research, customer information, and other highly confidential data. For companies under strict audit regulations, fines accompanying such exposure are exponential.

Ensuring that all data has the appropriate levels of confidentiality, integrity and accessibility to move across different networks is more important than ever, yet many organizations are still operating under a common premise: we don’t know what we don’t know.

So where do you start to get a handle on unstructured data? The following four steps are critical components of a strategic program for protecting unstructured data.

1. Determine Data Ownership

  1. User Access Reviews
  2. Access Request Approvals
  3. Real Time Alerts

One of the most critical steps in unstructured data security and access is understanding who the owner of the data is. Most companies offer a list of users to select from, however, instead of tackling data ownership in this manner, go a step beyond and offer the capability to ‘write-in’ new candidates. By doing this you may find that often times the data owner is not even a user of the data at all. If you don’t know who owns the data, then you will fail in each of the above listed activities. You will not know the right reviewers, approvers or interested parties when bad behavior is detected.

2. Data Discovery and Classification

Phase 1: Discovery - Basic technology solutions give customers the visibility into where certain content types reside when they search file contents for critical data elements such as credit card numbers, PII information, etc., and they can then move forward with establishing policies as to access regarding these files.

Phase 2: Classification - With more intuitive and best practices data access governance technology solutions, such as SecurityIQ, you are able to classify files based on who is accessing them. For example, if 96% of the accesses made on files in FOLDER-A were made by employees who are in the Finance Department, then you are able to classify all the files in that folder as “Financial Department Files”. Companies can now establish a policy that monitors all access to those files and triggers an alert any time an access is made by someone outside the Finance Dept.

3. Permission Discovery and Clean-up

Critical component in your strategy: Visualization through a Dashboard

Access to unstructured data is impossible to manage and control without full visibility. Having access to all of an organization’s data from a single dashboard provides you with the capability to collect and analyze effective permissions, as well as identify and remediate overexposing access to sensitive data. In addition, visibility allows you to discover and clean-up unused entitlements by cross-checking effective access with activity monitoring—ensuring access management for unstructured data is aligned with best practices across the enterprise.

4. Real-time Monitoring and Access Policy

  1. Monitor
  2. Scan for Policy
  3. Alert

The most effective security solution must be capable of monitoring all file and folder accesses as it happens. Taking it further than that, each access event should run through a policy engine immediately and if something is not right alerts are sent, actions taken.

A strategic program for protecting unstructured data should focus on empowering the knowledge worker with the information he or she needs to perform the job while increasing the organization’s ability to control and manage that ‘free flowing’ data. It also helps organizations meet myriad regulatory directives, both state and federal, such as SOX, PCI, HIPAA, GLBA requirements.


Blair Bonzelaar is a Chicago-based Cyber Security and Risk Management Expert working within Column Information Security’s Advisory Services Practice. Mr. Bonzelaar came to Column after leading teams in the banking sector and helping to launch several successful startups.

© Copyright 2020 Column Information Security

Terms & Conditions and Privacy Policy