Data discovery has as much to do with classifying its whereabouts and importance as it does what actions should ultimately be taken with that digital information. Forward-looking security should employ the shift left data strategy. But what exactly does that mean?

Shift left: A data classification strategy

Shift left is a philosophy that looks to catalog, classify, and govern data at data ingestion or creation (at the left side of a horizontal funnel that illustrates the data lifecycle and its proliferation — see image). According to IAPP, that narrow end represents the point when data first enters the company’s tech ecosystem. As you move right in the funnel, the amount of data grows with copies, inferences, and data analysis. The point of collection is best suited to classify and inventory data, so that it follows the data, creating downstream efficiencies. Most companies classify and inventory data toward the right side of the funnel, which is a recipe for delays, inaccuracies, and potential security incidents.

As the image shows, a single point of data will grow in size and importance — expanding its risk potential — the longer it weaves its way through your data estate. The farther right the data point goes before it’s classified and governed, the more likely it is to become a threat to your organization. 

For privacy and security teams to be able to shift left in their data classification strategy, they’ll need two things. First, a consumer-facing collection point for capturing consent and purpose that integrates these signals into the data map to inform the orchestration of data policies that include access and retention. And second, a data discovery tool that can help bring all of your existing data to light and into compliance with policies.

Gaining visibility into your data is paramount. From there, action can be taken to further monitor, manage, and de-risk that data with classification. Automating these processes will keep you both compliant secure. Find out more with a demo today.