ALTR teamed up with IDG to host a discussion entitled Data, Security and Visibility: How to Minimize Risk in a Time of Rapid Business Change. The aim was to share best practices and challenges around:
- The ongoing struggle between security needs and innovation goal and how the pandemic has added to that tension
- How remote work has increased risk and security exposures, specifically related to insider threats and credentialed breaches
- The importance of observability to understand how data is being consumed in order to establish patterns and quickly recognize risky applications and abnormal consumption
- How to distinguish between security at the device, application, and database level
- Re-evaluating priorities and making effective decision when it comes to security and data protection
With participants from an array of different industries, job functions, and project priorities, it was interesting to learn about their specific goals and challenges, but in the end it was evident that the group had a lot more in common than we anticipated.
1. The business owns and understands the data, making it increasingly more challenging for IT to protect the data.
One participant pointed out that whenever someone needs data within the company, they ask IT. While that seems like a logical place to start, it’s usually the business that actually owns and understands the data. While they usually end up finding it (from the business), it is not an efficient use of time and resources. The first step to solving this problem find a single platform to bridge that gap, providing observability and logging all consumption. This will allow IT to maintain protection of the data while also being able to curate it in a timely manner.
2. Remote work has all but dissolved the traditional perimeter for any organization or enterprise that still had strong network-based security.
A member of the group shared his story of when the pandemic started and work from home became mandatory. Remote access, which for many organizations might have been a small percentage of their work force, suddenly became the only way that workers were using the organization’s resources. Strong network-focused security postures needed to adjust overnight into more data-centric approaches.
3. Data security is still far too dependent on the infrastructure on which it resides – the cloud has made the problem worse because cloud providers try to provide differentiated toolsets.
This conclusion came out of a discussion around security tools canceling out many of the reasons to leverage the cloud in the first place. Easy to get started, no hardware to install, and the ability to scale quickly are what make the cloud so appealing. So why shouldn’t your security solutions work the same way?
Many newer, more advanced security products are less bound to a specific infrastructure, which means that they can function across hybrid environments and simplify the complex mix of products. This simplification driven by the cloud has become a priority for security leaders.
4. Security clouds are becoming a cost-effective reality with cloud data platforms like Snowflake, but organizations are still overwhelmed with the amount of security data they are collecting.
Cloud data platforms have dramatically improved the speed, efficiency, and flexibility of collecting and analyzing data to power the modern data-driven enterprise. But ease of use and greater access to collected data has presented new challenges in terms of managing data consumption. The modern data ecosystem starts with core applications that create and use massive amounts of data every day. Along the way data is shared, both inbound data from third party sources and outbound data shared with close partners.
By first observing data consumption you can understand how data is being consumed to understand patterns and create baselines. It also reveals high risk applications that you should probably focus on. Once you understand how the data is being consumed can begin to actual govern the consumption. Using this approach, you ensure your data is safe while keeping it accessible for the business to do their jobs.
5. An organization's data security approach must be unique because it’s dependent on the type of data they have and how it needs to be accessed.
One attendee at the round table worked at a design firm that deals in very large files that are sensitive because they contain important intellectual property, while another worked for a large insurance company that deals with large structured databases that contain PII. Every organization has unique need and challenges, but they have all been affected by remote work and now have data traversing the Internet far more than before.