Your data sucks, and so does your security.

Ok, let’s get this straight right now. Your crappy data is crippling your ability to protect it effectively. At the heart of every single security architecture there lies one constant. Data. Identity data, group data, access logs, etc. We build our defense and monitoring systems against this data and demand that it reduce our costs, thwart attacks, correlate users, deliver pizzas, and now accurately classify anomalous behavior, respond to events in real time, and learn how to make everything better.

The machine learning/A.I craze is real and it’s happening and I believe it’s here to stay and will pave the route for good things to come. However something that is being glossed over in the race to build “smart “ systems is the fact that any ml or A.I platform is only as good as the data that it’s being fed. This is Data Science 101, bad data in, bad data out.

In order to be accurate and give us the nirvana we all are looking for we have to realize that some work is needed ahead of time. Yup, that’s right time to clean your data. That big scary pile of 💩, you’ve been sweeping under the rug for the past umpteen years, yeah…you’re going to have to clean it up.

I know, I know you don’t want to, but think of all the A.I goodness you’ll get in return. Or all the money you’ll waste if you don’t, your choice. So where do you start? Well the good news is that your data doesn’t have to be squeaky clean, implementing some general data hygiene strategies will get you where you want to be.

Unique Identifier

We’ve all heard the saying “You don’t know, what you don’t know”. In this case I can’t govern/manage/ what I don’t know. You need to make sure you can uniquely identify objects across your enterprise. Identification aids in the creation of accurate relationships between objects.

Descriptions

“Hey what’s group ENGUSOR?” Describe, describe, and then describe some more. It’s awesome if the group administrator knows that the ENGUSOR stands for Engineering United States, Oregon, but does the business user that may have to certify that access know that? Or the security administrator who gets an alert that too many people have access to ENGUSOR? Although manual and time-consuming updating of descriptions.

Validate Values

Make sure you data is what it says it is…(R.I.P Denny Green). Data entry isn’t the most exciting thing in the world and if it’s done manually can often lead to mistakes. One way to start sanitizing your data is to first define the values that you absolutely care about. Next, centralize those values in one place and use logic to ensure the values are what you want them to be. Finally, use this central location to push attributes out to all other sources.

Final words of wisdom. Clean. Use. Repeat. In order to maximize the benefits of artificial intelligence you must always be diligent in the quality of data that feeds your A.I systems. Whether it’s automating actions, reducing alerts, or making you a sandwich you want to make sure it’s doing it accurately. In addition, you want your predictive systems to learn patterns because no one likes a 💩 sandwich.

Or maybe you do..who am I to judge?