Using customer data is a high-risk, high-reward activity. On one hand, it can transform a business and support rapid growth. On the other hand, it requires navigating the treacherous waters of privacy regulations, compliance requirements, and data breach risks.
In our experience working with security and data teams, we’ve consistently found that there are four levels companies go through in their journey to effectively utilize and protect customer data. If you’re responsible for ensuring that moving forward with customer data is done responsibly, let’s discuss these levels.
Level 1: Get to Know Your Data
At this level, you aim to gain visibility into your data landscape and understand where sensitive customer data resides.
It is essential to know your data, and your north star in this quest for knowledge should be gaining the context you need to mitigate risks. This level involves keeping an inventory of the data stores that hold customer data, down to the specific locations (schemas, tables, columns, buckets) where that data lives. This helps you prioritize placing policies and controls over these specific locations later on.
In addition to mapping the data stores to customer data, it’s also important to map them to their cloud regions and jurisdictions, to ensure compliance with data residency requirements. Any risky misconfiguration of data stores should also be tracked, so it can be remediated.
In most cases, customer data is dynamic in nature, meaning that it may appear in different locations from time to time. This means that you should ensure these processes are happening continuously, and if that’s not possible, in short intervals.
Level 2: Establish Data Access Workflows
At this level, you aim to establish and enforce strict data access controls. This is important because controlling access to customer data can minimize the risk of unauthorized access and data breaches.
The first step is to define who approves data access requests. The answer is usually the good old “it’s complicated.” However, to build an effective strategy, you should establish clear policies for who approves data access over what parts of the data and under what circumstances. Not only should these data access requests and approvals be enforced, but you should also audit all access requests, along with their business justifications.
The data access workflow should ensure that (at least by default, and certainly for customer data), access is not given perpetually, but for a set amount of time. The workflow can make it easy to retain access for additional time. Still, you must make sure that users don’t just accumulate more and more access to data, incurring over-privileged data access risks.
Level 3: Monitor Data Activity
At this level, you aim to detect and respond to suspicious activity on customer data. This is important because monitoring data activity can help you uncover potential threats and take mitigating actions.
For ongoing protection, you need to keep an audit log of all data activities involving customer data. The activities mainly concern access to customer data, in which case the audit should provide sufficient information to answer the following key questions:
- Who accessed the data, and when?
- What sensitive information was accessed (for example: names, email addresses, and so on)?
- Did the user modify the data?
- What was the purpose of data access, and who approved it?
- Were there any security measures in place when accessing the data, such as masking of sensitive data?
Based on the audit log, you should be able to detect and prevent suspicious data activity, as well as meet specific data security compliance requirements.
One thing to note is that you should ensure that you have the capability to store and analyze these audit logs for long-term use. In many cases, you will actually need to answer questions months or more after the data access occurred.
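The time-boxed access grants of Level 2 and the audit questions of Level 3 only pay off when the two are correlated, so here is an added illustration (not Satori's code) of a grant record with an expiry and an audit event for one access, plus a review function that flags access with no active grant, modification under a read-only grant, and unmasked reads of sensitive fields. The field names, the sensitive-field list and the sample events are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
# Added illustration, not Satori's code: a time-boxed access grant (Level 2) is
# correlated with an audit event (Level 3). Field names are assumptions.
SENSITIVE_FIELDS = {"name", "email", "ssn"}   # assumed classification result

@dataclass
class Grant:
    user: str
    data_store: str
    approver: str
    justification: str        # business justification recorded with the request
    granted_at: datetime
    ttl: timedelta            # access expires; extending it means a new grant
    may_modify: bool = False

    def active_at(self, when: datetime) -> bool:
        return self.granted_at <= when < self.granted_at + self.ttl

@dataclass
class AuditEvent:
    user: str
    data_store: str
    at: datetime
    fields: frozenset         # columns touched by the access
    modified: bool            # did the user change the data?
    masked: bool              # were sensitive values masked on read?

def review(event: AuditEvent, grants: list) -> list:
    # Returns reasons the access looks suspicious; empty list = explained by a grant.
    active = [g for g in grants if g.user == event.user
              and g.data_store == event.data_store and g.active_at(event.at)]
    if not active:
        return ["no active grant at time of access"]
    findings = []
    if event.modified and not active[0].may_modify:
        findings.append("modified data under read-only grant approved by " + active[0].approver)
    exposed = event.fields & SENSITIVE_FIELDS
    if exposed and not event.masked:
        findings.append("unmasked sensitive fields: " + ", ".join(sorted(exposed)))
    return findings

# Constructed sample: one 7-day read-only grant and three log events.
T0 = datetime(2024, 3, 1, 9, 0)
GRANTS = [Grant("alice", "crm_db", "bob", "churn analysis", T0, timedelta(days=7))]
EVENTS = [
    AuditEvent("alice", "crm_db", T0 + timedelta(days=1), frozenset({"email"}), False, True),
    AuditEvent("alice", "crm_db", T0 + timedelta(days=2), frozenset({"name", "ssn"}), True, False),
    AuditEvent("alice", "crm_db", T0 + timedelta(days=9), frozenset({"email"}), False, True),
]

def audit_report(events=EVENTS, grants=GRANTS) -> dict:
    # Map each event's index to the findings from review().
    return {i: review(e, grants) for i, e in enumerate(events)}
```

Because the grant keeps the approver and justification, each finding can be traced back to who approved what and why, which is the question you will be asked months later.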
Level 4: Limit Exposure to Sensitive Data
At this level, you aim to minimize the exposure of sensitive customer data. This is done to reduce the attack surface and protect your organization from cyber threats.
To limit exposure to sensitive data, you need to classify the data in a granular way, to understand the types of data you have and where it’s located. Data is dynamic, so this classification process should not be an ad-hoc step, but something that is continuous, or at least happens in short intervals. If you perform an annual classification, the classification you have will become stale quickly, and you will be limited in your ability to mitigate risks.
As part of your data security policy, you should define data exposure levels and map them to common business objectives. For example: an analyst may need access to customer data for a project, but it may be wise not to provide them with clear-text data of the sensitive fields, and to instead mask or hash that data.
Per these definitions, you should enforce the exposure levels with technical controls such as dynamic masking or row-level security, so that unnecessary exposure to customer data is limited at query time rather than by policy alone.
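To make the analyst scenario above concrete, here is an added example (not Satori's code) of an exposure policy that maps a role to a treatment per sensitive column (clear, mask, hash or deny) and a row-level predicate, with every read passing through it. The roles, columns, salt and customer records are constructed assumptions.

```python
import hashlib
# Added illustration, not Satori's code: exposure levels applied as dynamic
# masking and row-level security on read. All names below are assumptions.
SALT = b"example-deployment-salt"   # placeholder; a real salt stays secret

def mask(value: str) -> str:
    """Partial masking: keep the first character, and the domain of an email."""
    if "@" in value:
        local, domain = value.split("@", 1)
        return local[0] + "***@" + domain
    return value[0] + "*" * (len(value) - 1)

def hash_value(value: str) -> str:
    """Deterministic pseudonym: joins still work, the clear value is not shown."""
    return hashlib.sha256(SALT + value.encode()).hexdigest()[:16]

TREATMENTS = {"clear": lambda v: v, "mask": mask, "hash": hash_value,
              "deny": lambda v: None}

# Exposure policy: which rows a role may see and how each sensitive column is shown.
POLICY = {
    "analyst": {"rows": lambda r: r["region"] == "EU",
                "columns": {"name": "hash", "email": "mask", "ssn": "deny"}},
    "support": {"rows": lambda r: True,
                "columns": {"name": "clear", "email": "clear", "ssn": "mask"}},
}

def read(role: str, rows: list) -> list:
    """Apply row-level security, then dynamic masking, for the given role."""
    policy = POLICY[role]
    out = []
    for row in filter(policy["rows"], rows):
        shown = {}
        for col, value in row.items():
            level = policy["columns"].get(col, "clear")   # non-sensitive columns pass through
            shown[col] = TREATMENTS[level](value)
        out.append(shown)
    return out

# Constructed sample customer records.
CUSTOMERS = [
    {"id": 1, "name": "Ada Lovelace", "email": "ada@example.com",
     "ssn": "123-45-6789", "region": "EU"},
    {"id": 2, "name": "Grace Hopper", "email": "grace@example.org",
     "ssn": "987-65-4321", "region": "US"},
]
```

Re-running the classification step of Level 4 is what keeps the column list in POLICY accurate when new sensitive columns appear.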
Conclusion and Recommended Next Steps
Protecting customer data is probably the most important thing security teams are responsible for. We hope that breaking the project down into these levels has made building a customer data protection strategy clearer.
Our recommendations:
- Download the checklist: protecting your customer data.
- To understand how using the Satori Data Security Platform can help significantly enhance customer data protection, schedule a demo meeting with one of our Satori experts.
- Read: Challenges of Protecting Customer Data in a Growing Organization