The Cost of Ignoring the Issue
But what is the cost? First, you will lose customers, especially if you let a lot of time elapse between the breach and the communication. Second, you will lose trust which costs you people who are considering becoming customers and also business partners who would be reluctant to share data with you if you can’t protect it.
The government gets into it. There are local, state, federal and even international laws governing this. Compliance and security people need to keep up on these regulations and the reporting requirements that go with them. Failure to comply can result in fines and other penalties.
What Do You Need?
After you have your list of fields, you need to discover the lineage of each of the data items, looking at all the ways data can flow from the various applications. Depending on characteristics of the data, there may be multiple destinations for a given field. It’s complicated and time-consuming to do this manually; you need automation.
You’ll need a solution that will help you to perform a discovery of data sources, application flow and other interconnections then establish a repository of this data to produce quick visualizations as needed. This kind of tool will let you see dynamically where and how the sensitive data is processed, so you can secure the data as appropriate. The cost of encryption is coming down, so it’s a good way to go with the most sensitive fields but you still want to be selective.
When you look for the data lineage solution you need, you want to look beyond security and compliance and get one that provides a variety of benefits. Being able to visualize all your business processes can be incredibly valuable when you need to do maintenance. How else can you map from the business rule your analyst or business partner specifies to the underlying code? A good way to map and visualize these relations can bridge the communications gap between you and the business, as well as providing real-time documentation of your systems. This can really empower DevOps as well.
Find a great solution and make a giant step forward on protecting your customers’ (and your own) data.