Strengthen Data Security and Governance with Metadata

If you want to protect the sensitive data you share with third parties, you need to know everything you can about that data. What data is being shared? Who’s sharing it? With whom are they sharing it? How are they sharing it? Ultimately, to protect your data and data workflows, you need deep insight into your data and data workflows. Encrypted data packets and IP addresses only tell part of the story. You’ll need to dig deeper. With metadata, you have all the information you need to protect the PII, PHI, and IP you share with trusted third parties.

Third party workflow threats have a common theme: a user is the actor, and a file is the agent. Complete protection requires a defense that spans the full breadth of the associated threat surface: the collective paths of all files entering and exiting your organization. A comprehensive defense entails securing, monitoring, and managing all third party workflows, including secure email, SFTP, and secure file sharing, among others.

In my last post, I discussed the importance of encrypting your sensitive content in transit and at rest. In this post, I’ll explore how to use metadata to bolster data security and governance as it pertains to your third party workflows.

With Great Metadata Comes Great Opportunity

Once you’ve effectively shrunk the threat surface by limiting the number of entry points, namely the third party communication applications used to transmit files into your organization, you can more efficiently analyze every incoming file to detect, isolate, and neutralize all inbound threats.

While inspecting encrypted data packets and IP addresses is a good start to protecting data-in-transit, it’s insufficient. By contrast, file transfer metadata lets you see who’s sending the file, who’s receiving it, where it’s coming from, and much more. This information is only available at the user-application-file level, so this defensive strategy is critical for protecting data in risky third party workflows.

Transfer metadata lets you see who sent what to whom and more.

At a minimum, every incoming file should be scanned by anti-virus software prior to being uploaded to an enterprise repository. More suspicious files may require rerouting for advanced threat protection (ATP) analysis. To avoid slowing user productivity, apply stratified inspection to all inbound file traffic. By marking suspicious files for detailed inspection and queuing them based on workflow metadata, higher priority workflows receive higher priority processing.
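The stratified inspection described above can be sketched as a priority queue keyed on workflow metadata. This is an added example, not code from the original post or from any Accellion product; the workflow names, priority values, and "suspicious" heuristics are assumptions chosen for illustration.

```python
import heapq
from dataclasses import dataclass, field
from itertools import count

# Assumed workflow priorities (lower number = processed first).
WORKFLOW_PRIORITY = {"secure_email": 0, "file_share": 1, "sftp": 2}
# Assumed heuristic: file types that warrant detailed (ATP) inspection.
RISKY_EXTENSIONS = (".exe", ".js", ".docm", ".xlsm", ".iso")

@dataclass(order=True)
class InspectionJob:
    priority: int
    seq: int                                  # keeps FIFO order within a priority
    transfer: dict = field(compare=False)
    tier: str = field(compare=False)

def inspection_tier(transfer, known_senders):
    """Every file gets AV; suspicious files are also routed to ATP."""
    risky_type = transfer["filename"].lower().endswith(RISKY_EXTENSIONS)
    new_sender = transfer["sender"] not in known_senders
    return "av+atp" if risky_type or new_sender else "av"

class InspectionQueue:
    def __init__(self, known_senders):
        self._heap, self._seq = [], count()
        self._known = set(known_senders)

    def submit(self, transfer):
        tier = inspection_tier(transfer, self._known)
        # Unknown workflows sort after every known one.
        prio = WORKFLOW_PRIORITY.get(transfer["workflow"], len(WORKFLOW_PRIORITY))
        heapq.heappush(self._heap, InspectionJob(prio, next(self._seq), transfer, tier))

    def drain(self):
        """Return (filename, tier) pairs in processing order."""
        out = []
        while self._heap:
            job = heapq.heappop(self._heap)
            out.append((job.transfer["filename"], job.tier))
        return out

# Constructed sample transfers (not real traffic).
SAMPLE = [
    {"workflow": "sftp", "sender": "batch@partner.example", "filename": "feed.csv"},
    {"workflow": "secure_email", "sender": "unknown@new.example", "filename": "invoice.docm"},
    {"workflow": "file_share", "sender": "amy@partner.example", "filename": "specs.pdf"},
    {"workflow": "secure_email", "sender": "amy@partner.example", "filename": "contract.pdf"},
]

def run_sample():
    q = InspectionQueue({"amy@partner.example", "batch@partner.example"})
    for t in SAMPLE:
        q.submit(t)
    return q.drain()
```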

Use Metadata to Employ Tight Governance Over Third Party Workflows

To protect data in motion as it leaves your organization, you must establish and enforce strict data privacy rules, including granular policy controls. Policy controls let you prevent costly data leaks and meet internal and external data privacy requirements, like GDPR compliance and HIPAA compliance. Granular policy controls must incorporate sharing metadata like sender, receiver, origin, destination, and time of transfer to be truly effective.

By using metadata to analyze your inbound and outbound communications, you enhance your data security and governance and defend your third party workflows. [source: Accellion enterprise content firewall]

Based on the content a file contains, data leak prevention (DLP) technology can be deployed to deny unauthorized requests. This process can be accelerated by implementing a data classification standard that allows DLP scans to be performed offline and requests for sensitive content to be processed in real-time. This type of context-aware, content-aware security can only be applied to workflows, namely users, applications, and files. As a result, you must screen for PII, PHI, and other sensitive content at the user-application-file level. You must also be able to log file metadata and your DLP results so you can analyze them in the event of any failures. You can then use your CISO dashboard to see file activity in context, drill down with comprehensive reports, and export logs to your SIEM solution.
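A policy check of the kind described in the two sections above, combining sharing metadata (receiver, time of transfer) with a classification label computed by an offline DLP scan, and producing a record that can be exported to a SIEM. This is an added example, not code from the original post or any vendor product; the policy table, labels, domains, and the fail-closed handling of unclassified files are assumptions.

```python
import hashlib
import json
from datetime import datetime, timezone

# Assumed policy: permitted recipient domains and UTC hours per label.
POLICY = {
    "public":   {"domains": None, "hours": range(0, 24)},   # None = any domain
    "internal": {"domains": {"partner.example"}, "hours": range(0, 24)},
    "phi":      {"domains": {"clinic.example"}, "hours": range(8, 18)},
}

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Labels produced ahead of time by an offline DLP scan, keyed by file hash
# (constructed sample content).
CLASSIFICATION_INDEX = {
    sha256(b"patient chart 0001"): "phi",
    sha256(b"press release"): "public",
}

def decide(request: dict, content: bytes) -> dict:
    """Evaluate one outbound transfer; return the request plus the decision."""
    label = CLASSIFICATION_INDEX.get(sha256(content))
    domain = request["receiver"].rsplit("@", 1)[-1].lower()
    when = datetime.fromisoformat(request["time"]).astimezone(timezone.utc)
    if label is None:
        # Assumption: fail closed until the file has been classified.
        allow, reason = False, "unclassified: queue for DLP scan"
    else:
        rule = POLICY[label]
        if rule["domains"] is not None and domain not in rule["domains"]:
            allow, reason = False, f"{label} not permitted to {domain}"
        elif when.hour not in rule["hours"]:
            allow, reason = False, f"{label} outside permitted hours"
        else:
            allow, reason = True, "policy match"
    return {**request, "label": label, "allow": allow, "reason": reason}

def log_line(record: dict) -> str:
    """Serialize a decision as one JSON line for SIEM export."""
    return json.dumps(record, sort_keys=True)
```

Because the label is looked up by hash, the real-time path never scans content; only files missing from the index need a DLP pass.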

Next time, I’ll discuss using security infrastructure integrations to help secure your organization on all fronts while maintaining complete visibility over all sensitive information as it moves through the enterprise.

Don’t want to wait? Download the eBook now!
Ten Best Practices for Protecting Sensitive Content

Explore the ten best practices that provide actionable steps you can take to build a holistic defense of the third party workflow threat surface.

*** This is a Security Bloggers Network syndicated blog from Cyber Security on Security Boulevard – Accellion authored by Cliff White. Read the original post at:

Cliff White

Cliff White is Chief Technology Officer (CTO) at Accellion. Mr. White joined Accellion in 2011. He has more than 15 years of experience in the software industry and web-based technologies. He has also managed global engineering teams and advised C-level executives on software product engineering and best practices. Before joining Accellion, Mr. White developed highly scalable software for, an online media hosting company and one of the most visited websites on the internet. Previously, he led the engineering function for, a peer review and recommendation website for rental properties before it was acquired by
