Introduction to Data Security
Developing your Data Security Policy
Understanding Data Security Compliance Laws
Classifying Data by Sensitivity
Building a Security Strategy on Identity
Working with a Trusted ETL Partner
Essential Cloud ETL Data Security Features
6 Security Questions to Ask Your ETL Vendor
- How can your platform help protect our PII, PHI, and other sensitive data?
- What examples can you share of how you have helped other clients with their data security?
- What features does your platform have to maintain compliance with regulations such as GDPR, CCPA, HIPAA?
- How can your data security team assist with our data security strategy and implementation?
- How do you remove/encrypt sensitive data in Europe for GDPR before moving data to the U.S. or elsewhere for centralized analysis?
- Does your platform support field-level encryption for sensitive data fields?
Most valuable forms of sensitive data
- Login credentials
- PII (Personal Identifiable Information)
- Classified corporate data
- Payment information and credit card details
- Financial records
- PHI (Protected Health Information)
- Personal Data as defined by Europe’s GDPR
- Staff records
- Education records
- Biometric data
The cost of data breaches
A data breach is any exposure of sensitive data to an unauthorized party. Such parties can include hackers, rogue employees or any person who isn’t authorized to access the data.
Dealing with a data breach is expensive. IBM estimates the average recovery cost at $3.86 million. This figure includes immediate restorative action, as well as loss of business and reputational damage that arises from losing customer data. Regulatory fines can push this figure even higher. In 2017, Equifax received a world-record fine of $575 million for a data breach that resulted from a missed Apache update.
Data breaches can also cause real human suffering. Over 650,000 people experienced identity theft in 2019, and many of these cases were directly linked to data breaches. When a customer provides you with their private data, they’re trusting you to keep them safe.
When is data most at risk?
Data can be in one of three states: in use, at rest or in transit. Each of these states has its own level of risk.
|What it means||State||What’s the risk|
|The data is in the memory of a production system. This could be an automated system, such as an eCommerce module, or a user-facing system like the CMS.||Unauthorized users may be able to capture this data. If hackers can obtain credentials, they could log in and steal information.|
|The data is stored in a data repository, such as a data warehouse. This may be on-premise or in the cloud.||Unauthorized parties might be able to access unencrypted data repositories and backups. Data warehouses need to be integrated with other systems, or crucial data may not be available when needed.|
|The data is moving from one location to another. This could be synchronization between systems, or a user accessing a remote system. Transit can be in-premise or across the internet.||Hackers can intercept unencrypted data as it moves between locations. If a user is on public wi-fi, they may be especially vulnerable to attack.|
The basics of data security
In this guide, we’ll look at how to develop an effective data security strategy. The key elements to bear in mind are to:
- Management buy-in to support a security-first culture.
- Create a data security policy.
- Understand your compliance requirements.
- Categorize your data according to sensitivity.
- Control access to data.
- Use a trusted ETL partner to protect data in transit and during transformation.
If you’d like to learn more about how Xplenty can protect data in transit, you can jump ahead to chapter six.