Data Centric Security Model. The main focus of DCSM is to provide the "right" level of data security based on the analysis of it`s value.
Data Centric Security: How Does the Model Work?
This approach focuses on data rather than infrastructure. Key steps:
Inventory and categorization
Determine which data is critical (e.g., patents), confidential (development strategy), or public (press releases). Use labels: "Strictly Confidential", "Internal Use", "Public Access".
Classification-based access policies
Restrict access to high-risk data to only authorized individuals. Example: drawings of a new product are available only to the R&D department and top management.
Encryption and monitoring
Protect data in motion and at rest based on its category. Implement systems that monitor/block unauthorized copying or transmission attempts and automate incident response.
Benefits of Data Centric Security for Business
- Reduce the risk of breaches by 40-60% (according to Gartner) through point protection.
- Saving resources: no need to encrypt the "canteen menu" in the same way as financial statements.
- Compliance: ISO 27001, PCI DSS require data classification.
- Transparency: You always know where key assets are located and how they are protected.
Ben Horowitz, co-founder of venture capital firm Andreessen Horowitz