Last week I spoke at DAMA Day in NYC. The day was focused on GDPR and all of the implications in the regulation. I decided to focus my talk on why Data Breach is such a big deal that it has its own articles included in the GDPR Regulation.
For the $141 per record breached, you can reduce your cost by:
Any information that can be classified as personal details – or that can be used to determine your identity
ER/Studio Data Architect allows you to set security impact directly in your data models so that you can start keeping track of these elements from the very beginning of your data design processes. Additionally, you can reverse engineer your existing data models and use ER/Studio Data Architect and Team Server to help to identify these elements.
You can use ER/Studio Business Architect to start to draw out mappings between tables and systems. Additionally, in ER/Studio Data Architect you can set up Universal Data Mappings within the repository that will help you to map together from a host of implementations. ER/Studio Data Architect also allows you to leverage entity editors to link related objects across models.
Removing these redundancies allow you to better identify what information was accessed in the case of a breach. If it is spread out across a variety of tables it makes it more difficult to determine which system had the breach.
You should map out your business processes using a tool like ER/Studio Business Architect to determine when data should be made available to systems rather than allowing full access which could make you vulnerable during a data breach.
Using tools like ER/Studio Business Architect you can define subject areas within your data and lock down access to those subject areas to only the people who need it. It's also a good practice to identify a main person who is responsible for that subject area who can make decisions that impact that data. This person should have an approval/change management process in place to ensure that they know at all times who is accessing their data and locking out those who should not be accessing it.
Below are a few example Business Process Diagrams that have been created in ER/Studio Business Architect that can help to get conversations started in your own organization.
Download a trial copy of our products at https://www.idera.com/
Statistic Source Links: