We live in an interconnected world. Every organization connects to vendors, customers, and other stakeholders. And in today’s Acceleration Economy, those connections take the form of data movement into and out of your organization.
This means it’s not enough to have a data security strategy that applies to your data and your employees: Your data security strategy, a core component of your overall data strategy, must extend beyond your four walls to encompass every data channel and recognize the security postures of every counterparty.
In this analysis, I’m going to break down the types of third-party data that your organization is likely to be involved in receiving, validating, and securing today. Then I’ll share ideas on some emerging risks. In all cases, I’m presenting ways to address the challenges that commonly arise.
Start Simple: Incoming Data Issues
As you begin to take inventory of third-party data and types you will need to manage, start with a simple case: incoming data from a partner. Maybe it’s your bank sending daily positive pay files or a supplier sending shipment data and invoices. Hey, these are good solid firms, and you know and trust them . . . what could go wrong?
Let’s look at some possibilities. (Please note this list is hardly exhaustive. The real world of data is messy, and the cybersecurity attack surface is ever-expanding.)
A Compromised Connection
Are you sure the file you just received is legit . . . or are you being spoofed by an impostor?
Potential Fix: out-of-band (for example, via email) pre-notification of each transmission (including checksums), plus file encryption.
A Too-Permissive Connection
A too-permissive connection allows for unauthorized use. Remember Target’s customer account breach? A connection to a repair vendor allowed an intruder to enter Target’s infrastructure and traverse the network until it found a juicy target.
Potential Fix: It’s called “zero trust,” which means allowing access to only what is required based on identity (who), function (what), location (where), and so on. If you’re expecting shipment data, the connection only goes to the enterprise resource planning (ERP) order management module and nowhere else.
There are many ways incoming data can cause problems. There are simple errors, including a daily file that doesn’t come in one day; or an empty file; or a duplicate of yesterday’s file (or last Tuesday’s); or the data format changes without notice. Some errors are more subtle but potentially more malicious, such as data deliberately crafted to compromise your systems or data maliciously changed to disrupt your operation.
Potential Fix: Quarantine incoming data and automatically run data quality checks before releasing the data into your processing systems.
Which companies are the most important vendors in data? Click here to see the Acceleration Economy Top 10 Data Modernization Short List, as selected by our expert team of practitioner-analysts
Online Transactions Add Additional Risks
If we’re dealing with online transactions that flow into your systems from counterparties, things get riskier and more complex. Here are some factors to consider.
Validation for Numerous Participants
If your transaction system allows numerous participants, how are you validating each of them each time they connect?
Potential Fix: Automate the heck out of all the checks you do for the simple case and run them wherever and whenever necessary.
How do you handle transaction failures, where some data is received but the connection drops?
Potential Fix: Modern databases have built-in tools to handle “commit and rollback” situations, so security, compliance, and data teams must get together to agree on error handling processes.
Do your networks and network security tools have adequate capacity to handle “surge volumes” (after a holiday, at a specific time of day, at halftime on Superbowl Sunday, after a distributed denial of service attack)?
Potential Fix: Model expected maximum volumes, then build in a safety factor of 2x or more. Contract with third-party network vendors that reject excessive spurious transactions. Stress test your systems to ensure they “degrade gracefully” (which is bad) rather than collapse or stop protecting (which is even worse) under pressure.
Emerging Third-Party Data Risks
Again, I just scratched the surface when listing online threats…but it gets worse. Traditional data security addresses files or transactions from people or other IT systems. In the “Internet of Things” (IoT) world, the data streams are coming from and going to devices. When monitoring and controlling devices, situations arise in addition to those listed above. There are two final considerations that I urge you to address.
The Need to Accommodate Delays
IoT transactions are often what’s called “hard real-time,” which means the machine sending data needs a response within a specific timeframe — usually a few milliseconds or even less — or something terrible will happen. If a drone detects an obstacle in its path, the “obstacle” message needs to be received and a “turn left” message sent back (and received by the drone) in perhaps a fraction of a second. That’s just as true for a check sorter at a bank, a lathe in a factory, or a power plant safety system.
Potential Fix: Design the data path with adequate safety margins to accommodate delays. And design IoT systems to be “casually connected,” which means they can function in a limited manner, or even go idle, if the connection slows down or stops (see “degrade gracefully” as I explained above).
Recent troubling developments compel me to include one more class of third-party data risk:
IT Supply Chain Compromise
An IT supply chain compromise is what happened to SolarWinds customers. A modern IT department acquires many software tools. Suppose an evildoer penetrates a software platform (exploiting one of the vulnerabilities listed above or others) and inserts malicious code into the vendor’s product. In that case, hundreds or thousands of firms are at risk.
Potential Fix: A compromised software tool can expose an organization to many kinds of risk. This analysis covers data security risks, so we’ll focus on one such example: data exfiltration, in which confidential data is scooped up and transferred to an evildoer’s data repository. If you follow zero trust principles, you can limit your damage. SolarWinds is a network monitor; it analyzes network traffic, looking for delays and problems moving data (ironically, it’s helpful to mitigate risks caused by surge volumes). A Zero Trust architecture would limit the tool to only look at messages flowing through the network, then block (and report) attempts to access data files on servers or send those data files outside the internal network.
Think back to the days of handwritten airplane tickets and manual credit card imprinters (anyone remember that “ca-chunk” sound?). Transactions took days or weeks to move between organizations. In today’s Acceleration Economy, that would be unacceptable! Today, every organization exchanges data with numerous third parties. Those data flows improve productivity and quality while decreasing costs and cycle time.
As we’ve seen, third-party data exchanges can be quite complex. The real world of data security must allow for many things to go wrong — whether through accident or deliberate action. Organizations must look inward, and at every connection with every third party, to adequately protect against the diverse threats they face.
Looking for more insights into all things data? Subscribe to the Data Modernization channel: