DSPM is recognized as a significant force in cyber security - this a clear indication that smart cloud data security is maturing and fast becoming a priority for security leaders.
As a pioneer and driving force behind redefining and innovating new ways to secure dynamic cloud data, at Sentra we are very encouraged to see how this technology is rapidly gaining more traction and market recognition.
It was not so long ago that Data Security Posture Management (DSPM) was considered an early stage emerging technology, and today we see how quickly it is being adopted, by organizations of all sizes and across most verticals.
Working hand in hand with top security leaders and teams across the globe, almost 24/7, we see how the high degree of fragmentation in cloud platforms, data stores and data handlers makes maintaining data visibility and risk assessment a real challenge. What’s more, data handlers are moving sensitive data around in the public cloud, and properly securing this data is very difficult, perhaps one of the most significant security challenges of our time. But more specifically, we see security teams struggle with the following issues:
- Detecting when data is copied across cloud data stores and identifying data movement when it is processed by data pipelines and ETLs. For example, we frequently see sensitive customer or financial data being duplicated from a prod environment to a dev environment. This would weaken the security posture should it not be encrypted or lack the necessary backup policies, for example
- Defining the right policies to alert security teams when sensitive data is copied or moved between regions, environments and networks
- Gaining a rich, yet clear data security context to indicate any security drifts such as excessive permissions or sensitive data that may be publicly accessible
- Or even just gaining a clear view of all the regulated data, to be ready for those big security audits
Here is Gartner’s take on some of the key challenges from their recently published Innovation Insight: Data Security Posture Management Report:
“Traditional data security products have an insufficient view to discover previously unknown, undiscovered or unidentified data repositories, and they fail to consistently discover sensitive data (structured or unstructured) within repositories. Such data is 'shadow data' that can expose an organization to a variety of risks”.
“To make matters worse, organizations must navigate a complex, messy market of siloed data security products. These products do not integrate or share policies, a shortcoming that results in gaps and inconsistencies in how data is protected and that makes it extremely difficult to achieve any consistent level of data security posture. Therefore it is important to be able to assess how data security posture is implemented by establishing a meaningful data risk assessment”.
“This situation is fueling an urgent need for new technologies, such as DSPM, that can help discover shadow data and mitigate the growing data security and privacy risks”.
Let's take a look at some of the key findings, taken directly from Gartner's Innovation Insight: Data Security Posture Management Report, that explain how DSPM solutions are starting to address some of the challenges in data security today:
- Data security posture management (DSPM) solutions are evolving the ability to discover unknown data repositories, and to identify whether the data they contain is exposed to data residency, privacy or data security risks.
- DSPM solutions can use data lineage to discover, identify and map data, across structured and unstructured data repositories, that relies on integrations with, for example, specific infrastructure, databases and CSPs.
- DSPM technologies use custom integrations with identity and access management (IAM) products. They can create data security alerts, but typically do not integrate with third-party data security products, which leads to a variety of security approaches.
This is just the beginning of a fast growing and flourishing category that will continue to evolve and mature in addressing the challenges and complexity of accurately securing dynamic cloud data.