
Strengthen Data Security and Governance with Metadata
If you want to protect the sensitive data you share with third parties, you need to know as much as you can about that data. What data is being shared? Who’s sharing it? With whom are they sharing it? How are they sharing it? Ultimately, to protect your data and data workflows, you need deep insight into both. Encrypted data packets and IP addresses only tell part of the story; you need to dig deeper. Metadata supplies the missing context you need to protect the PII, PHI, and IP you share with trusted third parties.
Third-party workflow threats have a common theme: a user is the actor, and a file is the agent. Complete protection requires a defense that spans the full breadth of the associated threat surface: the collective paths of all files entering and exiting your organization. A comprehensive defense entails securing, monitoring, and managing all third-party workflows, including secure email, SFTP, and secure file sharing, among others.
In my last post, I discussed the importance of encrypting your sensitive content in transit and at rest. In this post, I’ll explore how to use metadata to bolster data security and governance as it pertains to your third-party workflows.
With Great Metadata Comes Great Opportunity
Once you’ve shrunk the threat surface by limiting the number of entry points, namely the third-party communication applications used to transmit files into your organization, you can analyze every incoming file more efficiently to detect, isolate, and neutralize inbound threats.
Inspecting network-level signals such as encrypted packet headers and IP addresses is a good start to protecting data in transit, but it’s insufficient: the payload is opaque, and an IP address identifies a network endpoint, not a user. File transfer metadata, by contrast, tells you who’s sending the file, who’s receiving it, where it’s coming from, and much more. This information is only available at the user-application-file level, so inspecting it is critical for protecting data in risky third-party workflows.
At a minimum, every incoming file should be scanned by anti-virus software before it is uploaded to an enterprise repository. Anti-virus catches known malware only, so files that look suspicious in light of their metadata, such as a file from an unknown sender domain or a file whose declared type does not match its content, should be rerouted for advanced threat protection (ATP) analysis, for example sandbox detonation. To avoid slowing user productivity, apply stratified inspection to inbound file traffic: mark suspicious files for detailed inspection and queue them according to workflow metadata, so that higher priority workflows receive higher priority processing.
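The stratified inspection described above, as an added example that is not Kiteworks code: every inbound transfer already carries a verdict from the mandatory anti-virus scan; the script then derives risk flags from the transfer metadata (sender domain, declared file type) and from the file’s leading bytes, quarantines infected files, releases clean files with no flags, and pushes the rest onto an ATP queue ordered by workflow priority. The partner allowlist, the workflow priorities, the accepted file types and the four sample transfers are all constructed for the example.

```python
"""Metadata-driven stratified inspection of inbound file transfers.

Added example, not Kiteworks code. Every file carries a verdict from the
mandatory anti-virus scan; files whose transfer metadata or leading bytes look
suspicious are queued for advanced threat protection (ATP) analysis, and the
queue is ordered by workflow priority so important workflows are processed first.
"""
from __future__ import annotations

import heapq
from dataclasses import dataclass

# Leading bytes expected for each declared file type (assumption: only these
# document types are accepted inbound; anything else counts as unexpected).
MAGIC = {"pdf": b"%PDF", "docx": b"PK\x03\x04", "xlsx": b"PK\x03\x04", "zip": b"PK\x03\x04"}
PE_MAGIC = b"MZ"  # Windows executables start with "MZ"

# Constructed allowlist of partner domains and workflow priorities (lower runs first).
TRUSTED_DOMAINS = {"partner.example", "law-firm.example"}
WORKFLOW_PRIORITY = {"payroll": 0, "legal-discovery": 1, "marketing": 5}


@dataclass
class Transfer:
    transfer_id: str
    sender: str        # external sender's e-mail address
    recipient: str     # internal recipient
    channel: str       # "sftp", "email" or "share"
    filename: str      # name as declared by the sender
    head: bytes        # first bytes of the file (constructed in the sample below)
    workflow: str      # business workflow the transfer belongs to
    av_verdict: str    # "clean" or "infected", from the mandatory AV scan


def risk_flags(t: Transfer) -> list[str]:
    """Return the metadata/content signals that make a transfer suspicious."""
    flags = []
    domain = t.sender.rsplit("@", 1)[-1].lower()
    if domain not in TRUSTED_DOMAINS:
        flags.append("untrusted-sender")
    ext = t.filename.rsplit(".", 1)[-1].lower() if "." in t.filename else ""
    expected = MAGIC.get(ext)
    if expected is None:
        flags.append("unexpected-type")
    elif not t.head.startswith(expected):
        flags.append("type-mismatch")  # declared type disagrees with content
    if t.head.startswith(PE_MAGIC):
        flags.append("executable-content")
    return flags


def triage(transfers: list[Transfer]) -> tuple[dict[str, str], list[str]]:
    """Decide release / quarantine / atp per file; return the ATP queue order."""
    decisions: dict[str, str] = {}
    queue: list[tuple[int, int, str]] = []
    for seq, t in enumerate(transfers):
        if t.av_verdict == "infected":
            decisions[t.transfer_id] = "quarantine"
            continue
        flags = risk_flags(t)
        if not flags:
            decisions[t.transfer_id] = "release"
            continue
        decisions[t.transfer_id] = "atp"
        # Priority first, then arrival order, so equal-priority files stay FIFO.
        heapq.heappush(queue, (WORKFLOW_PRIORITY.get(t.workflow, 9), seq, t.transfer_id))
    order = []
    while queue:
        order.append(heapq.heappop(queue)[2])
    return decisions, order


# Constructed sample: four inbound transfers across three channels.
SAMPLE = [
    Transfer("t1", "ap@partner.example", "ar@corp.example", "sftp",
             "invoice.pdf", b"%PDF-1.7\n", "payroll", "clean"),
    Transfer("t2", "promo@unknown.example", "cmo@corp.example", "email",
             "deck.pdf", b"MZ\x90\x00", "marketing", "clean"),
    Transfer("t3", "counsel@law-firm.example", "legal@corp.example", "share",
             "exhibit.docx", b"PK\x03\x04", "legal-discovery", "infected"),
    Transfer("t4", "hr@staffing.example", "hr@corp.example", "email",
             "resume.docx", b"PK\x03\x04\x14\x00", "payroll", "clean"),
]


def run_sample() -> tuple[dict[str, str], list[str]]:
    return triage(SAMPLE)


if __name__ == "__main__":
    decisions, order = run_sample()
    for tid, verdict in decisions.items():
        print(tid, verdict)
    print("ATP queue order:", order)
```

Note how the ordering works: t4 (an untrusted sender, but a payroll workflow) is detonated before t2 (a "PDF" that actually starts with an executable header, in the low-priority marketing workflow), which is the point of queuing on workflow metadata rather than on arrival time. In a real deployment the head bytes would come from the file itself and the AV verdict from the scanner, not from constructed records.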
Use Metadata to Employ Tight Governance Over Third-party Workflows
To protect data in motion as it leaves your organization, you must establish and enforce strict data privacy rules, including granular policy controls. Policy controls let you prevent costly data leaks and meet internal and external data privacy requirements such as GDPR and HIPAA. To be truly effective, granular policy controls must incorporate sharing metadata like sender, receiver, origin, destination, and time of transfer.
Based on the content a file contains, data loss prevention (DLP) technology can deny unauthorized requests. This process can be accelerated by a data classification standard: DLP scans the content and assigns a classification label when the file enters the repository (offline), so that a share request only needs to compare the stored label with the request’s metadata (in real time). Because this context-aware, content-aware security applies to workflows, namely users, applications, and files, you must screen for PII, PHI, and other sensitive content at the user-application-file level. You must also log file metadata and DLP results so you can analyze them in the event of a policy failure or incident. You can then use your CISO Dashboard to see file activity in context, drill down with comprehensive reports, and export logs to your SIEM solution.
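The split between an offline DLP pass and a real-time, metadata-driven policy check, as an added example that is not Kiteworks code: `ingest()` classifies a file’s content once and stores the label under the file’s SHA-256, and `evaluate()` decides an outbound share request from that label plus the request’s sender, recipient, channel and time, never re-reading the content. Each decision is appended as a JSON line so it can be exported to a SIEM. The detector patterns, the per-label policy table, the domains and the sample files and requests are all constructed for the example.

```python
"""Outbound share requests checked against metadata-aware policy and offline DLP labels.

Added example, not Kiteworks code. classify() is the offline DLP pass run when a
file lands in the repository; evaluate() runs at share time and consults only the
stored label plus the request's metadata. Decisions are logged as JSON lines.
"""
import hashlib
import json
import re
from datetime import datetime

# Crude detectors for the offline DLP pass (constructed patterns, not a product's rules).
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,16}\b")
MRN_RE = re.compile(r"\bMRN[:#]?\s*\d{6,}\b", re.IGNORECASE)


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives on card-number-like digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(content: bytes) -> str:
    """Return the most sensitive label found: PHI > PII > Internal."""
    text = content.decode("utf-8", "replace")
    if MRN_RE.search(text):
        return "PHI"
    if SSN_RE.search(text):
        return "PII"
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"[ -]", "", m.group())):
            return "PII"
    return "Internal"


LABELS = {}  # sha256 -> label; written by the offline pass, read at share time


def ingest(content: bytes) -> str:
    """Offline pass: hash the content, classify it, remember the label."""
    digest = hashlib.sha256(content).hexdigest()
    LABELS[digest] = classify(content)
    return digest


# Policy per label (constructed): allowed destination domains, allowed channels,
# and whether the transfer is restricted to business hours. "*" means any domain.
POLICY = {
    "Internal": ({"*"}, {"share", "email", "sftp"}, False),
    "PII": ({"partner.example"}, {"share", "sftp"}, True),
    "PHI": ({"clinic.example"}, {"sftp"}, True),
}


def evaluate(req: dict, audit: list) -> bool:
    """Real-time check of one share request; logs the decision, returns allow/deny."""
    label = LABELS.get(req["sha256"])
    if label is None:
        verdict, reason = "deny", "unclassified-content"  # never share unscanned content
    else:
        domains, channels, hours_only = POLICY[label]
        dest = req["recipient"].rsplit("@", 1)[-1].lower()
        when = datetime.fromisoformat(req["time"])
        if "*" not in domains and dest not in domains:
            verdict, reason = "deny", f"{label}-to-unapproved-domain"
        elif req["channel"] not in channels:
            verdict, reason = "deny", f"{label}-over-unapproved-channel"
        elif hours_only and not (when.weekday() < 5 and 9 <= when.hour < 18):
            verdict, reason = "deny", "outside-business-hours"
        else:
            verdict, reason = "allow", "policy-match"
    audit.append(json.dumps({**req, "label": label, "verdict": verdict, "reason": reason}))
    return verdict == "allow"


def run_sample():
    """Constructed files and share requests; returns (decisions, audit_lines)."""
    roadmap = ingest(b"Q3 roadmap: ship connector v2 and retire the legacy SFTP host.")
    payroll = ingest(b"Employee 1042, SSN 123-45-6789, start date 2024-01-08")
    chart = ingest(b"Patient MRN: 00987654 discharged 2024-03-11, follow-up in 2 weeks.")
    refund = ingest(b"Refund to card 4111 1111 1111 1111, amount 120.00")
    tue, sat = "2024-03-12T10:30:00", "2024-03-16T11:00:00"
    requests = [
        {"sender": "hr@corp.example", "recipient": "ops@partner.example", "channel": "share", "time": tue, "sha256": payroll},
        {"sender": "hr@corp.example", "recipient": "me@webmail.example", "channel": "share", "time": tue, "sha256": payroll},
        {"sender": "rn@corp.example", "recipient": "intake@clinic.example", "channel": "email", "time": tue, "sha256": chart},
        {"sender": "rn@corp.example", "recipient": "intake@clinic.example", "channel": "sftp", "time": sat, "sha256": chart},
        {"sender": "pm@corp.example", "recipient": "anyone@vendor.example", "channel": "email", "time": tue, "sha256": roadmap},
        {"sender": "fin@corp.example", "recipient": "ops@partner.example", "channel": "sftp", "time": tue, "sha256": refund},
        {"sender": "pm@corp.example", "recipient": "ops@partner.example", "channel": "share", "time": tue, "sha256": "0" * 64},
    ]
    audit = []
    return [evaluate(r, audit) for r in requests], audit


if __name__ == "__main__":
    for line in run_sample()[1]:
        print(line)
```

Two design points worth noting. The label is keyed by content hash, so a renamed copy of an already-classified file inherits its label instead of escaping as "new" content, and a file whose hash has never been through the offline pass is denied rather than allowed by default. The audit line carries the full request metadata alongside the label and the reason, which is exactly what an analyst needs when reconstructing a failed or suspicious share from the SIEM.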
Next time, I’ll discuss using security infrastructure integrations to help secure your organization on all fronts while maintaining complete visibility over all sensitive information as it moves through the enterprise.
To learn more about how to build a holistic defense of the third-party workflow threat surface, schedule a custom demo of Kiteworks today.
Frequently Asked Questions
What is secure file sharing?
Secure file sharing is a way of transferring files between two or more computers while ensuring that the data remains confidential and intact. Encryption, data loss prevention (DLP), advanced threat protection (ATP), and multi-factor authentication (MFA) are just some of the security features used to enable secure file sharing.
How does secure file sharing work?
Secure file sharing typically involves encrypting files in transit and ensuring they can only be accessed by users with the correct credentials, ideally a username and password backed by MFA. Many systems also keep files encrypted at rest on the server and, in some cases, on the user’s device, so that unauthorized users cannot read them without the correct credentials. Some secure file sharing systems also provide an audit trail, so that administrators can track who has accessed each file.
Why is secure file sharing important?
Secure file sharing helps organizations keep their data safe. By encrypting data as it is transferred, secure file sharing prevents attackers from reading or tampering with it in transit. Additionally, secure file sharing can help organizations comply with data regulations and industry standards.
What is the difference between regular and secure file sharing?
Regular file sharing, such as plain FTP or an unencrypted email attachment, is not encrypted, which means the data can be intercepted and read. Secure file sharing, on the other hand, uses encryption algorithms to scramble the data before it is sent, making it unreadable to anyone without the decryption key.
Does secure file sharing require a secure connection?
Yes, secure file sharing requires a secure connection, which means the connection must use a secure protocol such as SFTP, FTPS, or HTTPS.