Developing a Data Strategy and Data Observability Capabilities to Address Data Risk Factors for a Leading Airline

Background

After resolving an unauthorized data incident that was reported on the nightly news, our Client, the CISO of an airline, needed to prevent future breaches by getting their arms around data risk across the enterprise.

To identify PII and confidential data distributed across many sources in a dynamic data landscape, the airline needed to understand where those critical and sensitive data assets reside and develop capabilities that identify and monitor data access gaps as they arise.

Four objectives needed to be met to complete this initiative.

1. Catalog sensitive data across structured and unstructured data throughout the organization.
2. Identify and resolve any gaps within the data access controls within Azure.
3. Create a process that constantly monitors data risk and pushes out alerts when a critical gap is detected.
4. Create an observability portal that shows an at-a-glance data risk score, the current gaps, the severity of each gap, and a mechanism for correcting each gap.

Why Definian

Our Client chose Definian as their partner for this sensitive work because of our expertise in data strategy for major financial institutions and our deep technical knowledge in building underlying connectors for leading data platforms.

The Work

To meet the first objective, BigID was deployed to scan, discover, and catalog the sensitive data. BigID is the leading product in automated data discovery and classification and was the standout choice for uncovering and monitoring unstructured and structured data throughout the organization.

With the sensitive data catalog in hand, we reviewed the access controls within Azure and immediately began to address any data sensitivity access gaps. As we resolved the gaps in the technical controls, we worked with our Client to address the data governance processes that led to the gaps.

With the current gaps resolved, we developed a process that would provide a proactive backstop to address future issues. There are two components to the backstop. For the first component, Definian integrated Azure data access controls and BigID's ongoing scan results. This integration connects and analyzes the metadata from each solution and pushes out real-time alerts when a critical gap is detected. The second component was to utilize the integration to power a risk observability portal.

The risk observability portal enabled an at-a-glance assessment of the current data risk levels across the organization. The observability portal has two main features. The first is a risk score calculated by analyzing the various types and numbers of gaps. This score instantly communicates current risk levels and trends. The second feature displays the details behind the gaps and a mechanism to correct them within that single screen.

Results

With this additional observability capability, our Client is confident in always knowing their overall risk exposure. They now have a comprehensive process that tracks the unstructured and structured data across their dynamic landscape and a mechanism for quickly addressing gaps.