What is DCAP (Data-Centric Audit and Protection)?

Data Security Knowledge Base

What is DCAP (Data-Centric Audit and Protection)? A Definition of DCAP, How It Works, Best Practices, and More

Text

Enterprises are taking advantage of big data analytics to advance their businesses. With big data arriving, there is also more opportunity for cybercriminals. That’s why companies are increasingly securing their business and customer data with data-centric audit and protection (DCAP).

A Definition of Data-Centric Audit and Production

Text

Data-centric audit and protection (DCAP) is a term used by Gartner, a business research and consulting company, to describe a type of data-centric security. The goal of DCAP is to protect an organization’s data privacy and apply it to specific pieces of data, not the entire organization.

DCAP focuses on:

  • Classifying data
  • Storing sensitive data
  • Data security governance
  • Protecting data against unauthorized access
  • Data monitoring and auditing

How Data-Centric Audit and Protection Works

Text

Data-centric audit and protection is about protecting the data, not about preventing unauthorized users from hacking into systems. This layer of protection relies on several steps to secure data:

Classifying data

In order to protect sensitive data, business organizations need to know where the information is located and how much can be accessed. The first step is to classify data as it is created. There is content discovery technology that will classify data found in the organization’s assets. The sensitive data needs to be classified so it can be protected. For example, access rights to the data are assigned based upon common schema and policies.

Best Practices of Data-Centric Audit and Protection

Text

Data-centric security is a holistic strategy. It doesn’t discriminate against device, storage technology or platform. Ensure complete data-centric audit and protection with best practices such as:

Secure infrastructure

Data-centric audit and protection focuses on securing data but systems still need to be protected from unauthorized access.

Reporting and auditing

Track your data so you know who is using the data and how. This is especially important to demonstrate legal and regulatory compliance.

Encryption key management

Support authorized users so they can access data with proper encryption keys and protect against access by malicious users.

Data discovery

Authorized users may be keeping data in unsecured files. Use data discovery tools to find structured and unstructured data stored in local files.

Search and destroy

Business data isn’t meant to live forever. Make sure temporary files cannot be recovered when it is not needed any more using:

● Crypto-shredding
● Secure deletion
● Physical destruction of devices and disk storage

Text

Content discovery technology can help discover data hiding where it should be. Business organizations need to find it before unauthorized users do.

Data-centric audit and protection is vital for modern enterprises that leverage big data to support business processes. By finding the right balance between adequately protecting your organization’s data and supporting the use of data within the organization, you’ll create a more robust security posture without hindering productivity or sacrificing the benefits of big data.