Aviv Zisso

The recent webinar, featuring SoFi’s Director of Product Security, Pritam H Mungse, along with Senior Staff Application Security Engineer, Zachary Schulze, and Sentra’s Director of Customer Success, Aviv Zisso, provided valuable insights into managing data security in cloud-native environments. This discussion is crucial for organizations grappling with the challenges of data sprawl, security, and compliance in the ever-evolving digital landscape.

Understanding the Challenges

The webinar kicked off by exploring complexities faced by security teams in cloud-native environments. Pritam highlighted issues such as data duplication, lack of visibility, and the risks of unauthorized access and compliance violations.

These challenges emphasize the importance of developing robust strategies for data management and protection in cloud environments. Businesses need to be smart about how they manage and protect their data in the cloud. It's not just a one-and-done thing; it's an ongoing process of figuring out the best way to keep your data safe in the ever-changing world of cloud computing.

Proactive Data Protection: The Starting Point

A significant portion of the discussion centered on proactive data protection. The speakers emphasized understanding where and how data is stored and accessed in the cloud. Pritam noted, “understanding where your data is...is the first step for you to be able to say, now I can protect that data.” This statement encapsulates the essential first step in any data security strategy: gaining visibility into data creation and storage.

Prioritizing Risks: Aligning with Organizational Goals

Addressing the challenge of risk prioritization, the conversation shifted to aligning security measures with the organization's goals and risk appetite. Pritam elaborated on the importance of this alignment and the need for a well-defined internal policy framework to guide the prioritization process effectively.

Action and Remediation: Building a Framework

The panelists then delved into the processes of taking action and remediating potential data security issues. They discussed the need for systematic and repeatable approaches to address data security concerns, emphasizing the significance of a structured remediation framework within organizations. This makes it clear that building a robust framework is also an investment in the ongoing health and strength of an organization's data security. This strategic focus helps organizations navigate current challenges while also positioning them to proactively address future threats in an ever-evolving digital landscape.

Leveraging Sentra for Enhanced Data Security

SoFi's experience with Sentra formed a core part of the discussion, highlighting three main usage aspects:

• Data Catalog Creation: Utilizing Sentra's discovery and classification capabilities, SoFi developed a centralized data catalog, enhancing the visibility and management of their data. Zach shared, “The next almost natural step to that is like the creation of a single place to understand and direct you to where all this data actually exists.”

• Compliance Adherence: The webinar explored how SoFi used Sentra to map data to various compliance frameworks. Zach discussed the importance of custom data classes and policies, allowing for alignment with both industry standards and internal requirements. Sentra's capabilities extended beyond mere automation, becoming an integral part of SoFi's proactive approach to meeting and exceeding compliance expectations.

• Data Access Governance: The conversation also covered how Sentra improved SoFi’s data access governance. Pritam highlighted, “being able to go from a different lens and answer those questions is super nice.” This reflects the depth of insight and control that Sentra provided in managing data access.

The Critical Role of Accurate Data Classification

Accurate data classification was a key topic, with the speakers discussing the challenges and importance of correctly identifying sensitive data. They stressed that accurate classification is foundational to successful data security programs, as it directly impacts the effectiveness of protection strategies. Further, they discussed how automating data classification with Sentra proved crucial in their diverse data ecosystem, spanning various stores and cloud environments. Manual classification, given the complexity, would have taken a very long time, making the automated approach significantly valuable in streamlining the process and ensuring timely and accurate identification of sensitive data.

Integrating Sentra into SoFi’s Security Framework

The webinar concluded with reflections on the integration of Sentra into SoFi's existing security workflows and policies. The speakers underscored how Sentra's capabilities have been instrumental in SoFi's efforts to tackle data security challenges comprehensively, from discovery and classification to compliance adherence and governance.

‍

The insights from SoFi’s journey provide valuable lessons for organizations looking to enhance their data security in cloud-native environments. The discussion highlighted the importance of visibility, accurate classification, and a structured approach to data security, underlining the benefits of integrating advanced tools like Sentra into security strategies.

‍

Watch the full SoFi webinar recording.‍

As the Director of Customer Success at Sentra, I've embarked on an amazing journey witnessing the transformative impact our Data Security Posture Management (DSPM) platform has on organizations, particularly in the dynamic landscape of Fintech and e-commerce. Today, I'm excited to share some firsthand insights into the benefits our customers have experienced, demonstrating the core use cases that set Sentra apart.

Online Retail Leader Ensures Regulatory Compliance with Ease

In an era of ever-evolving data security and compliance regulations like GDPR, PCI-DSS, and local ones like CCPA and India’s DPDPA, Sentra has emerged as a steadfast ally for organizations in their quest for improved data security. The core of what Sentra does—discovery and accurate classification of cloud data—is the cornerstone of maintaining a data security policy in growing complex environments. I've seen our customers better align their data security practices with the latest regulatory standards, gaining not just compliance but also a competitive edge by demonstrating a commitment to safeguarding sensitive information.

Example:

A strong example was when I worked closely with a leading e-commerce provider facing a GDPR compliance challenge. Unbeknownst to them, sensitive customer Personally Identifiable Information (PII) data was being duplicated across regions. Within a few hours of deploying Sentra, our platform discovered this critical data residency issue, allowing the organization to swiftly rectify the situation and fortify their compliance stance.

Global Payment Processing Company Reduces Data Attack Surface and Costs

Sentra's expertise in the ability to reduce the data attack surface by mitigating shadow data and enforcing data lifecycle policies has become a game-changer in a cost aware environment. The accurate classification of cloud data not only enhances security but also leads to substantial savings. Our customers have reported streamlined operations, reduced storage costs, and a more efficient use of resources, thanks to Sentra's proactive approach to data management.

Example:

A Fintech startup witnessed a significant reduction in storage utilization and costs by leveraging Sentra's data lifecycle policies. The platform's unique ability to group objects on Blob storage (such as S3, GCS and Azure Blob) provides a one-of-a-kind high level view of groups of objects which are not being used and are stored in an expensive storage tier. Sentra detected multiple cases of inefficient storage for such archives, which resulted in an increase of $50,000 a month in their monthly cloud bill, and this was quickly remediated.

Fintech Startup Implements Least Privilege Access and Access Governance

In the realm of sensitive data, implementing Least Privilege Access and Access Governance is paramount. Sentra empowers organizations to fortify their defenses by ensuring that only authorized personnel have access to sensitive information, and by creating a crystal clear data access graph for every identity. The accurate classification of cloud data enhances control over data, supporting routine access reviews, reducing the potential blast radius of a security incident.

Example:

In response to a suspected security incident, one of our forward-thinking financial customers leveraged Sentra to enhance their access governance. Sentra's detection capabilities pinpointed unnecessary permissions, prompting the organization to swiftly reduce them. This proactive measure not only mitigated the risk of potential breaches but also elevated the overall security posture.

‍

Global Payroll Solution Provider Enriches Metadata Catalogs for Robust Data Governance

Sentra can also help enrich metadata catalogs for comprehensive data governance. The accurate classification of cloud data provides advanced classification labels and automatic discovery, enabling organizations to gain deeper insights into their data landscape. This not only enhances data governance but also provides a solid foundation for informed decision-making.

‍

Example:

I'm thrilled to share the success of an ongoing cataloging project with another customer, a prominent player in the finance sector. Prior to Sentra, they were manually classifying data within Snowflake using tags. However, Sentra's automatic classification process and Snowflake integration has become a game-changer, saving tons of time for their data owners and engineers. This efficiency not only expedites their cataloging project but also positions them for future audits with unparalleled ease.


At Sentra, I believe we go beyond providing a solution; we're here to help you build a secure and compliant data environment. The success stories shared here underscore the dedication and innovation our customers bring to the table, and I’m honored to be a part of it.

‍

If you are eager to explore how Sentra can elevate your data security posture, don't hesitate to reach out. Let's embark on this journey together, where security meets success.