Data Security: What It Is, Why It’s Important, and How to Get Started

Your guide to data security terms, technologies, and industry standards.

What You Should Know About Data Security:

  • Data security is not just about protecting company and customer data from threats. Your network is made up of multiple layers that have unique attack surfaces. Compromise at one layer can propagate through the operating system and applications. To help protect data, reduce risk, and assure compliance standards, your security and integrity capabilities should be rooted in hardware.

  • Meeting industry standards for healthcare, finance, government, and retail can help you stay in compliance when handling sensitive customer data.

  • While compliance is important, best practices recommend putting additional protections in place—from the hardware and firmware up through the operating system and applications and to the cloud.

  • The most commonly used security technologies include data encryption in transit and at rest, authentication and authorization, hardware-based security (or physical-based security), and data backup.

author-image

作者

Data security is top of mind for today’s organizations. While data can be one of your greatest assets—helping you make better decisions, carry out strategic initiatives, and build stronger customer and partner relationships—it can also be one of your greatest liabilities if you don’t take steps to secure and protect it.

Data breaches compromising the confidential information of billions of customers have not only cost companies financially, but reduced brand value and eroded customer trust. As hackers get more sophisticated, you’ll need to adopt more-advanced technologies and methods to help maintain data confidentiality.

What Is Data Security?

Data security is the ability to protect your company’s confidential data and the personal information of your customers from data breaches and other threats. It’s best considered using the CIA triad, a benchmark model designed to govern how organizations manage data when it’s stored, in transit, and processed. CIA in the data triad focuses on:

  • Confidentiality: Ensuring that the right entities—including people and software—have access to the right data.
  • Integrity: Preserving data by ensuring it’s not modified in any way.
  • Availability: Making sure data is always accessible when it’s needed.

An important aspect to consider is balancing the need for securing your data with the flexibility to analyze and gain important insights for better decision-making.

Why Is Data Security Important?

As data breaches and privacy concerns increase, protecting sensitive company and customer data has become a top priority for most organizations. According to IDG, 68 percent of CIOs say they’ll see their biggest spending increase in cybersecurity over the next 12 months.1

Data security is important for the following reasons:

  • Keeps your intellectual property safe.
  • Maintains the integrity of your data.
  • Keeps you in compliance with regulatory and legal standards.

The price for not securing your data can be high.

US companies pay an average of USD 8.64 million per data breach, including the cost of higher customer turnover and lost business due to downtime.2

Data Security Standards by Industry

From healthcare and finance to government and retail, there is no shortage of regulations and laws designed to help protect consumer privacy. The following are some of the most prominent by industry.

Healthcare Data Security

The Health Insurance Portability and Accountability Act (HIPAA) sets a national standard to protect medical records and personal health information—also known as protected health information (PHI). The regulation applies to entities that typically handle patient information, including healthcare providers, health plans, and healthcare clearinghouses.

However, since its inception in 1996, more than 200 million patient records have been compromised.3 While medical devices like health monitors, tablets, and wearables can help improve patient care and lower costs, they also increase the possibility of breaches. To improve healthcare security and maintain compliance, organizations should implement strong access and audit controls, keep data closer to the source with edge computing and edge analytics, and maintain the security of data in transmission using the most-advanced encryption methods.

Financial Data Security

The Sarbanes-Oxley Act, also known as SOX, regulates corporate financial dealings of US companies and identifies data as an asset. It was designed to reduce fraud and ensure accurate, reliable financial reporting. The act requires all public companies to establish an independent audit committee to oversee financial reporting, internally verify the accuracy and integrity of statements and reports, identify fraudulent activity, and have internal controls for tracking and auditing financial processes.

Noncompliance could result in fines or prison time. Moreover, businesses that don’t comply put sensitive data at risk. Organizations should go beyond compliance to strengthen their IT controls and minimize database security threats.

Government Data Security

From schools and postal services to law enforcement and emergency services, solid government cybersecurity helps to ensure delivery of essential services to the public at the local, state, and federal levels.

While every state has put security measures in place to protect consumer data, at least 32 states require by law that governments have database security in place to protect the personal data of their citizens.4 But fragmented security solutions and more savvy cybercriminals make big data security challenging. Instead, government agencies need end-to-end security that protects data and devices from the edge to the cloud.

PCI Data Security

Retailers and other organizations that accept or process credit cards need to comply with the Payment Card Industry (PCI) security standards. The standards require that organizations strengthen their network, protect stored consumer data, and encrypt data in transmission on public networks. In addition, those accepting credit cards should maintain strong access controls, regularly test and monitor access, and have an information security policy in place for employees and contractors.

While the regulations are a start, in order to fully protect your data and build consumer trust you’ll need to take a holistic approach to retail security. Silicon-enabled security can help you stop breaches before they start by preventing attacks at the firmware level. Multifactor authentication and I/O port protection add extra layers of security, while early isolation of breaches speeds up remediation. And strong encryption within SSDs can keep credit card data and personal information safe, from the time the customer presents it—at the POS or online—to the time it arrives at the bank or retail server.

GDPR

General Data Protection Regulation (GDPR) is Europe’s digital privacy regulation. It requires companies to protect the privacy and personal data of EU citizens when a transaction takes place in the EU—even if the business doesn’t have a presence there. It also requires companies to get permission from consumers before collecting their data as well as report data breaches within 72 hours.

Because GDPR mandates that organizations protect data while stored, transferred, or processed, you’ll need to be sure you have protections in place—from the lowest levels of hardware up through your software stack.

Data Security Technologies

While compliance will keep you in good standing with regulatory agencies, a more complete approach will help keep threats at bay. The following technologies should be a part of every company’s data security strategy.

Data Encryption

Encryption is viewed as one of the most reliable ways to keep your data confidential at rest, in transit, or when processing real-time analytics. Data encryption uses algorithms to encode data into an unreadable format that needs an authorized key for decryption. But cryptographic processing can be vulnerable to side channel attacks and can affect performance.

The latest technologies can speed up encryption and boost security without affecting performance.

User Authentication and Authorization

To help keep unauthorized users from accessing sensitive data, you’ll need to have the right user authentication methods in place. But strong passwords aren’t enough. The most-secure methods use hardware security features such as biometrics, built-in two-factor authentication, and secure enclave technology built into the processor itself.

Hardware-Based Security

As hackers have become more sophisticated, they’ve made their way down the stack, increasing attacks at the hardware level. That’s why you need to protect your data at every layer of the IT infrastructure—not just the software. Intel’s hardware-enabled security capabilities include protections built right into the silicon, creating trusted infrastructure, which helps secure hardware, firmware, operating system, applications, networks, and the cloud.

Data Backup

Data backup solutions can help you restore your company and customer data in the event of a storage failure, breach, or disaster. By creating an exact copy of your data and storing it in a secure location that can be accessed by authorized administrators, you can minimize the risk of a primary data failure. However, for better data integrity and security, you’ll need protections for that backup, both while that data is being sent to its backup location as well as when it’s stored to assist in spotting anomalies or threats early. A documented data backup policy can help you comply with various security regulations as well as establish a consistent, reliable data recovery process.

Intel Data Security Technology

At Intel, we’re committed to developing technologies that provide advanced protections for the latest security threats. We start with a foundation of silicon-enabled security technologies and layer on edge-to-cloud data privacy capabilities for one of the most comprehensive security portfolios available in today’s market.

Intel® Threat Detection Technology (Intel® TDT)

Intel® Threat Detection Technology is a suite of hardware-enhanced technologies that works with your existing security solutions to help you better detect emerging cyberthreats. Built into the underlying silicon, Intel® TDT uses CPU data, machine learning algorithms, and Intel-integrated graphics for security workloads.

Intel® Software Guard Extensions (Intel® SGX)

Intel® Software Guard Extensions provides hardware-based memory encryption that reduces the attack surface of the system by isolating data and application code in memory. It assists businesses in running sensitive applications more securely in public, private, on-premises, and multicloud environments.

Intel® Select Solutions for Hardened Security

Intel® Select Solutions for Hardened Security with Lockheed Martin isolates virtual machines (VMs) at runtime using hardware-enforced firewalls and improves performance by ideally allocating compute resources.

Intel® QuickAssist Technology (Intel® QAT)

Intel® QuickAssist Technology provides a software-enabled foundation to secure data and speed up application performance on networks, cloud, and storage by offloading CPU-intensive compression and encryption processes.

Secure Your Data and Your Brand

When consumers share their personal information, they expect you to protect their privacy and their data while giving them value in return. Now that you have a better understanding of the standards that guide you and the technologies available, you can build a data security program that will help keep your data protected and your brand strong.