This series of documents provides strategies for evaluating and mitigating datarisk in your organization. It also describes and compares twoSensitive Data Protection services that help you learn more about yourcurrent data security posture.

Objectives of data risk management

Managing data risk involves storing, processing, and using your data within theappropriate risk levels for your business. When you perform data riskmanagement, we recommend that you aim for the following objectives:

• Your data is properly discovered and classified.
• Risk of data exposure is properly understood.
• Data is protected by appropriate controls or de-risked through obfuscation.

As you evaluate your data workloads you can start by asking thesequestions:

• What kind of data does this workload handle and is any of itsensitive?
• Is this data properly exposed? For example, is access to the data restrictedto the right users, in the right environment, and for an approved purpose?
• Can the risk of this data be reduced through data minimization and obfuscationstrategies?

Taking a well-informed and risk-based approach can help you make the most ofyour data without compromising the privacy of your users.

Example analysis

For this example, suppose your data team is trying to build a machine learningmodel based on customer feedback in product reviews.

What kind of data does this workload handle and is any of it sensitive?

In the data workload, you found that the primary key used is the customer emailaddress. Customer email addresses often contain the customers' names.Additionally, the actual product reviews contain unstructured data (orfreeformdata) submitted by the customer. Unstructured data can contain intermittentinstances of sensitive data like phone numbers and addresses.

Is this data properly exposed?

You found that the data is accessible only to the product team. However, youwant to share the data to your data analytics team, so that they can use it tobuild a machine learning model. Exposing the data to more people also meansexposing it to more development environments where this data will be stored andprocessed. You determined that the exposure risk will increase.

Can the risk of this data be reduced through data minimization and obfuscation strategies?

You know that the analytics team doesn't need any of the actual sensitivepersonally identifiable information (PII) in the dataset. However, they needto aggregate the data per customer. They need a way to determine which reviewsbelong to the same customer. To address this need, you decide to tokenize allthe structured PII—the customer email addresses—to keep thereferential integrity of your data. You also decide to inspect the unstructureddata—the reviews—and mask any intermittent sensitive data within it.

What's next

• Compare Sensitive Data Protection services that help you learn about yourdata (next document in this series)