
4 Levels of an Effective Customer Data Protection Program

|Chief Scientist

Using customer data is a high-risk, high-reward activity. On one hand, it can transform a business and support rapid growth. On the other hand, it requires navigating the treacherous waters of privacy regulations, compliance requirements, and data breach risks.

In our experience working with security and data teams, we’ve consistently found that there are four levels companies go through in their journey to effectively utilize and protect customer data. If you’re responsible for ensuring that moving forward with customer data is done responsibly, let’s discuss these levels.

Level 1: Get to Know Your Data

At this level, you aim to gain visibility into your data landscape and understand where sensitive customer data resides.

It is essential to know your data; your north star in this quest should be understanding how you can mitigate risks. This level involves keeping an inventory of the data stores that hold customer data, including the specific locations within them where that data resides. This helps you prioritize placing policies and controls over these specific locations later on.

In addition to mapping the data stores to customer data, it’s also important to map them to their cloud regions and jurisdictions, to ensure compliance with data residency requirements. Any risky misconfiguration of data stores should also be tracked, so it can be remediated.

In most cases, customer data is dynamic in nature, meaning that it may appear in different locations from time to time. You should therefore ensure these processes run continuously or, if that’s not possible, at short intervals.


Level 2: Establish Data Access Workflows

At this level, you aim to establish and enforce strict data access controls. This is important because controlling access to customer data can minimize the risk of unauthorized access and data breaches.

The first step is to define who approves data access requests. The answer is usually the good old “it’s complicated.” However, to build an effective strategy, you should establish clear policies for who approves data access over what parts of the data and under what circumstances. Not only should these data access requests and approvals be enforced, but you should also audit all access requests, along with their business justifications.

The data access workflow should ensure that (at least by default, and certainly for customer data), access is not given perpetually, but for a set amount of time. The workflow can make it easy to retain access for additional time. Still, you must make sure that users don’t just accumulate more and more access to data, incurring over-privileged data access risks.
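The workflow described above can be sketched as follows. This is an added example, not Satori's code; the dataset names, approver roles and the 30-day ceiling are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Constructed policy: which role approves access to which dataset.
APPROVERS = {"crm.customers": "data-owner-crm",
             "billing.invoices": "data-owner-finance"}
MAX_GRANT = timedelta(days=30)   # assumed ceiling for a single grant

@dataclass
class Grant:
    user: str
    dataset: str
    approver: str
    justification: str
    expires_at: datetime

class AccessWorkflow:
    def __init__(self):
        self.grants = []   # every approved grant, expired ones included
        self.audit = []    # every request, approved or denied

    def request(self, user, dataset, approver, justification, duration, now):
        # Approved only by the right approver, with a reason, for a bounded time.
        ok = (APPROVERS.get(dataset) == approver
              and bool(justification.strip())
              and timedelta(0) < duration <= MAX_GRANT)
        self.audit.append({"at": now, "user": user, "dataset": dataset,
                           "approver": approver, "approved": ok,
                           "justification": justification})
        if ok:
            self.grants.append(
                Grant(user, dataset, approver, justification, now + duration))
        return ok

    def can_access(self, user, dataset, now):
        # Access exists only while an unexpired grant covers it.
        return any(g.user == user and g.dataset == dataset
                   and now < g.expires_at for g in self.grants)

    def active_datasets(self, user, now):
        # Review helper: what a user can reach right now, to spot accumulation.
        return sorted({g.dataset for g in self.grants
                       if g.user == user and now < g.expires_at})
```

Retaining access is just another `request` call, so every extension carries its own approver and justification in the audit trail.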

Level 3: Monitor Data Activity

At this level, you aim to detect and respond to suspicious activity on customer data. This is important because monitoring data activity can help you uncover potential threats and take mitigating actions.

For ongoing protection, you need to keep an audit log of all data activities involving customer data. The activities mainly concern access to customer data, in which case the audit should provide sufficient information to answer the following key questions:

  • Who accessed the data, and when?
  • What sensitive information was accessed (for example: names, email addresses, and so on)?
  • Did the user modify the data?
  • What was the purpose of data access, and who approved it?
  • Were there any security measures in place when accessing the data, such as masking of sensitive data?

Based on the audit log, you should be able to detect and prevent suspicious data activity, as well as meet specific data security compliance requirements.

One thing to note is that you should ensure that you have the capability to store and analyze these audit logs for long-term use. In many cases, you will actually need to answer questions months or more after the data access occurred.
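As an added example (not Satori's code), the check below tests whether each audit record can answer the key questions listed above and flags activity worth a closer look. The record layout, field names and sample log lines are constructed for illustration.

```python
import json

# Constructed sample audit records (JSON lines); field names are assumptions.
SAMPLE_LOG = """\
{"user":"alice","time":"2024-03-01T09:12:00Z","fields":["email","name"],"modified":false,"purpose":"churn analysis","approver":"data-owner-crm","masked":true}
{"user":"bob","time":"2024-03-01T23:40:00Z","fields":["email","ssn"],"modified":true,"purpose":"","approver":null,"masked":false}
{"user":"carol","time":"2024-03-02T10:05:00Z","fields":["name"],"modified":false,"purpose":"support ticket","approver":"data-owner-crm"}
"""

# The keys a record needs in order to answer the five questions.
REQUIRED = ("user", "time", "fields", "modified", "purpose", "approver", "masked")
SENSITIVE = {"email", "name", "ssn"}   # assumed classification

def review(rec):
    """Return the findings for one parsed audit record."""
    findings = [f"missing:{k}" for k in REQUIRED if k not in rec]
    if not rec.get("purpose") or not rec.get("approver"):
        findings.append("no-approved-purpose")
    touched = SENSITIVE & set(rec.get("fields", []))
    if touched and rec.get("masked") is False:
        findings.append("clear-text-sensitive:" + ",".join(sorted(touched)))
    if rec.get("modified") and "no-approved-purpose" in findings:
        findings.append("unapproved-modification")
    return findings

def review_log(text):
    """Map 'user@time' to findings, for every record that has any."""
    flagged = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        findings = review(rec)
        if findings:
            flagged[f"{rec.get('user')}@{rec.get('time')}"] = findings
    return flagged
```

A record that omits a field, such as the third sample line with no `masked` value, is reported as incomplete rather than assumed safe.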

Level 4: Limit Exposure to Sensitive Data

At this level, you aim to minimize the exposure of sensitive customer data. This is done to reduce the attack surface and protect your organization from cyber threats.

To limit exposure to sensitive data, you need to classify the data in a granular way, to understand the types of data you have and where it’s located. Data is dynamic, so this classification process should not be an ad-hoc step, but something that is continuous, or at least happens in short intervals. If you perform an annual classification, the classification you have will become stale quickly, and you will be limited in your ability to mitigate risks.

As part of your data security policy, you should define data exposure levels and map them to common business objectives. For example: an analyst may need access to customer data for a project, but it may be wise not to provide them with clear-text data of the sensitive fields, and to instead mask or hash that data.

Per these definitions, you should enforce such security policies with technical controls such as dynamic masking or row-level security to limit unnecessary exposure to customer data.
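The following added example (not Satori's code) shows exposure levels mapped to roles and applied at read time, combining masking, hashing and a row-level filter. The roles, columns, regions and key are constructed assumptions.

```python
import hashlib
import hmac

# Constructed policy: column -> kind, role -> (exposure level, visible regions).
SENSITIVE = {"email": "email", "ssn": "id"}
POLICY = {
    "support": ("clear", {"EU"}),     # clear text, but only EU rows
    "analyst": ("hashed", None),      # all rows, keyed hashes
    "marketing": ("masked", None),    # all rows, partial masks
}
HASH_KEY = b"placeholder-key"         # assumption: real key lives in a secret store

def mask(kind, value):
    if kind == "email":
        local, _, domain = value.partition("@")
        return local[:1] + "***@" + domain
    return "*" * max(len(value) - 4, 0) + value[-4:]

def keyed_hash(value):
    # HMAC instead of a bare hash: guessing low-entropy values needs the key.
    return hmac.new(HASH_KEY, value.encode(), hashlib.sha256).hexdigest()[:16]

def read_rows(role, rows):
    level, regions = POLICY[role]     # unknown role raises KeyError: deny by default
    result = []
    for row in rows:
        if regions is not None and row["region"] not in regions:
            continue                  # row-level filter
        view = dict(row)              # never mutate the stored row
        for col, kind in SENSITIVE.items():
            if level == "hashed":
                view[col] = keyed_hash(row[col])
            elif level == "masked":
                view[col] = mask(kind, row[col])
        result.append(view)
    return result

# Constructed sample rows.
ROWS = [
    {"id": 1, "region": "EU", "email": "ana@example.com", "ssn": "123-45-6789"},
    {"id": 2, "region": "US", "email": "bo@example.org", "ssn": "987-65-4321"},
]
```

Hashed values stay consistent across queries, so the analyst can still join and count on them without seeing the clear text.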

Conclusion and Recommended Next Steps

Protecting customer data is probably the most important thing security teams are responsible for. We hope that breaking the project down into levels has made building a customer data protection strategy clearer.

Our recommendations:

 

About the author

Ben is an experienced tech leader and book author with a background in endpoint security, analytics, and application & data security. Ben filled roles such as the CTO of Cynet, and Director of Threat Research at Imperva. Ben is the Chief Scientist for Satori, the DataSecOps platform.
