SHARE
Security / February 14, 2022

Data Privacy vs. Visibility: The Security Consideration

This article was previously published by Infosecurity Magazine.

Over the past two years, the pressure on businesses to digitally transform, meet changing customer expectations, and implement more agile processes has reached breaking point. And while organizations recognize the value of cloud adoption to combat these issues, it doesn’t come without its challenges. There are often concerns around the security of the cloud and uncertainty about data protection and privacy. Similarly, privacy concerns around the Internet of Things (IoT) continue to cause issues in industry. In manufacturing, for instance, new IoT devices are converging with process machinery that was never originally intended to connect to a wider network. Inherently, the security of these devices is far weaker than the modern alternatives.

To ensure protection in the cloud and IoT, deep observability into every part of the infrastructure is key. This includes a clear view into SSL/TLS encrypted traffic and TLS 1.3 encrypted flows. But what does this mean for data privacy? Can organizations gain observability into every asset and across entire networks whilst also complying with data privacy regulations?

Why Deep Observability Matters to Security

When embarking on digital transformation initiatives, organizations should be asking a number of critical questions: How do we ensure everyone can use the network securely; how do we migrate to the cloud while meeting compliance and security controls; how can we identify and mitigate security or network anomalies? If these considerations are not addressed, it will slow the process of migrating workloads to the cloud or integrating IoT devices, and it leaves a company vulnerable to breaches.

Deep observability is essential for bolstering security, not just in the IT world but also for operational technology (OT). Without a clear line of sight into all devices it is impossible to monitor (or protect) what you cannot see. Ransomware attacks are rife today because cybercriminals can easily penetrate a network and covertly gather intelligence for months before they deploy any malware. This technique is why blind spots represent such a security risk; cybercriminals are often present for weeks without being spotted. Therefore, gaps in visibility need to be eliminated. The key is finding a tool that can provide deep observability and actionable analytics while also keeping data privacy as a priority.

The Importance of Data Masking

SSL/TLS encryption is used commonly by enterprises as a central pillar of their cybersecurity strategy, especially as the majority of businesses are now working partially or fully in the cloud. However, this security measure has been turned on its head in recent years; while encryption previously existed to protect data from bad actors, it is now often leveraged by these criminals as a way to hold a company’s own data at ransom, or even to conceal malicious activity. In fact, in 2021, it was found that more than 90 percent of malware was hidden in encrypted traffic. Given the amount of encrypted data travelling across networks and the risk it now poses, organizations need a way to efficiently decrypt SSL traffic, share it with tools, and then re-encrypt it.

However, U.K. organizations are still required to comply with the General Data Protection Regulation (GDPR), which recognizes that certain data must be processed/stored to maintain confidentiality. Compliance to these rules is essential for every industry, while confidentiality is crucial for both the public and private sectors. Regulations in industries like healthcare and finance are particularly stringent and require that sensitive data must be protected, with penalties severe for non-compliance. This is where data masking comes in. Data masking effectively modifies sensitive data, so while it is structurally similar, it is of no use or value to those unauthorized to see it. This technique means that data is obscured before it is sent to security and monitoring tools, and therefore compliance becomes far easier as the sensitive data is never seen, processed, or stored. It also protects NetOps teams from being exposed to confidential data inadvertently, and it adds a level of data protection if monitoring or analysis functions are outsourced.

Data-masking tools are an essential part of network intelligence solutions and must be implemented in order to ensure organizations can comply with GDPR and data privacy regulations while simultaneously protecting themselves from cybercrime. While SecOps teams can only protect their network from what they can see, privacy and security cannot be at odds with each other. Instead, these elements must work in harmony to ensure data is always safe while allowing digital transformation initiatives to succeed.

Featured Webinars

Hear from our experts on the latest trends and best practices to optimize your network visibility and analysis.

CONTINUE THE DISCUSSION

People are talking about this in the Gigamon Community’s Security group.

Share your thoughts today

RELATED CONTENT

REPORT
2022 Ransomware Defense Report
WEBINAR
Ransomware Best Practices: Agentless Threat Hunting
BLOG POST
Ransomware in Healthcare
WEBPAGE
Suddenly, Ransomware Has Nowhere to Hide

Back to top