What is DCAP (Data-Centric Audit and Protection)?

A definition of DCAP, how it works, best practices, and more…

Enterprises are taking advantage of big data analytics to advance their businesses. With big data arriving, there is also more opportunity for cybercriminals. That’s why companies are increasingly securing their business and customer data with data-centric audit and protection (DCAP).

A Definition of Data-Centric Audit and Protection

Data-centric audit and protection (DCAP) is a term used by Gartner, a business research and consulting company, to describe a type of data-centric security. The goal of DCAP is to protect an organization’s data privacy and apply it to specific pieces of data, not the entire organization.

DCAP focuses on:

Classifying data
● Storing sensitive data
● Data security governance
● Protecting data against unauthorized access
● Data monitoring and auditing

How Data-Centric Audit and Protection Works

Data-centric audit and protection is about protecting the data, not about preventing unauthorized users from hacking into systems. This layer of protection relies on several steps to secure data:

Classifying Data

In order to protect sensitive data, business organizations need to know where the information is located and how much can be accessed. The first step is to classify data as it is created. There is content discovery technology that will classify data found in the organization’s assets. The sensitive data needs to be classified so it can be protected. For example, access rights to the data are assigned based upon common schema and policies.

Storing Sensitive Data

Digital rights management tools help protect sensitive data with access controls and encryption.

Identity and access management (IAM) keeps sensitive data available to only authorized users.

Persistent encryption will remain with data in storage and as it is being shared is the most secure method. Just as important as encrypting data in storage and in transmission is making sure authorized users have the proper encryption keys. This should go hand-in- hand with access controls.

Data Security Governance

Data governance policies will define what is sensitive data, who has authorized access to it, and how they can handle it. Data governance needs to protect data and allow users to work with it.

Data Monitoring and Auditing

Data-centric audit and protection is to keep data secure while it is being used. To ensure that security, monitoring technology can be used to help protect it. This entails using activity monitoring, access management, logical control and application security technologies.

Protecting Data Against Unauthorized Access

Data security is a primary goal of DCAP. It is possible to create such secure processes that it hinders the ability to actually utilize business data. Data-centric security needs to be balanced with productivity. Otherwise, organizations risk losing the benefits of leveraging big data, or users will bring the data outside of the secure environment — putting the data at risk.

Business data is more valuable when it is shared — inside and outside of the business organization. This also means the data can end up outside of an organization’s control.

Encryption can also help protect sensitive data from unauthorized access outside of
organizational control.

Benefits of of Data-Centric Audit and Protection

Data-centric audit and protection is designed to protect business data without getting in the way of harnessing the analytical use of it. Good data-centric security can help:

● Allow businesses to safely use IT services and vendors.
● Mitigate the risk of data breaches.
● Comply with regulatory mandates.
● Manage data, where it’s stored, when it’s shared and how it’s protected.
● Assess risks to data and prioritize investment in data protection.

Best Practices of Data-Centric Audit and Protection

Data-centric security is a holistic strategy. It doesn’t discriminate against device, storage technology or platform. Ensure complete data-centric audit and protection with best practices such as:

Secure Infrastructure

Data-centric audit and protection focuses on securing data but systems still need to be protected from unauthorized access.

Reporting and Auditing

Track your data so you know who is using the data and how. This is especially important to
demonstrate legal and regulatory compliance.

Encryption Key Management

Support authorized users so they can access data with proper encryption keys and protect against access by malicious users.

Data Discovery

Authorized users may be keeping data in unsecured files. Use data discovery tools to find structured and unstructured data stored in local files.

Search and Destroy

Business data isn’t meant to live forever. Make sure temporary files cannot be recovered when it is not needed any more using:

● Crypto-shredding
● Secure deletion
● Physical destruction of devices and disk storage

Content discovery technology can help discover data hiding where it should be. Business organizations need to find it before unauthorized users do.

Data-centric audit and protection is vital for modern enterprises that leverage big data to support business processes. By finding the right balance between adequately protecting your organization’s data and supporting the use of data within the organization, you’ll create a more robust security posture without hindering productivity or sacrificing the benefits of big data.


This blog was originally posted by Digital Guardian here.

No Comments Yet

Boldon James Ltd, Cody Technology Park, Ively Road, Farnborough, Hampshire GU14 0LX, United Kingdom