Challenges in Achieving Continuous Protection and Preserving Compliance

Challenges in Achieving ‘continuous protection and preserving compliance’As complexity and scale increases in global computing, corporate executives at large enterprises are confronted with new data security challenges. In particular, CSOs and CXOs seek continuous, contextual and responsive protection for their enterprise data assets.

Specifically, they want to providing dynamic protection as new threats or suspicious activities occur. However, despite most efforts, a number of underlying challenges that make it difficult to achieve this goal at enterprise scale.

Standardization, Consistency, Auditing

Enterprises have tens of thousands of data assets that need to be protected. A viable solution should provide a central policy management to standardize the sensitive data definitions and associated protection policies across the enterprise. This gives the CXOs not only a way to achieve standardization, but to consistently manage changes to policy, as well as to audit and track compliance.

Accuracy and Effectiveness

Any solution that generates a significant number of false positives becomes ineffective. Accuracy is highly critical and false positives stand in the way of continuous detection and protection’.  Any solution without ‘data context’ and ‘user behavior analytics’ is unlikely to be accurate in a constantly changing environment.

Scalability and Time to Value

CSOs and CXOs are under tremendous pressure to achieve risk reduction and compliance within tight deadlines. The deadline and enforcement date for GDPR compliance is May 25, 2018. Enterprises are worried about the risks due to looming privacy class action for violations after the GDPR deadline and fines up to 4% of annual revenues.

It is critical for a viable solution to scale. If it takes X amount of time to achieve protection and compliance for one data store, how long does it take to go from 1 to 1000? (It can’t be 1000 times X.) The solution has to achieve 1 to 1000, at a fraction of the time per system relative to X. Intuitive usability, Orchestration of actions, work flows, machine learning and automation will be key to achieving ‘scaling and time to value’ expectations.

Continuous Protection – keeping up with changes

The problem CXOs have today is not simply to achieve protection and compliance a single time, but in continuing to preserve compliance, while data, usage, users and perhaps regulation – are all changing. A viable solution must keep up with the changes, by support for policy customization and regular assessment of risks. The solution must provide ‘continuous detection and protection’.

Out of the box readiness for deployment in non green-field environments

It goes without saying that there is no “green-field” environment. Every CXO has already invested in 20+ security solutions and controls. The need is not only new ‘Data centric’ approach to security and new capabilities driven by ‘machine learning’, but also to co-exist and improve the effectiveness of current security controls where ever possible.

A viable solution should be API driven, so it is easy to integrate in to already implemented security controls ranging from SSO, password management, ranger, sentry, shield, encryption and tokenization solutions.

Support for hybrid environment

Every CXO and IT leader I have spoken with across different industries (leaders in financial services, health care, Entertainment, transportation)  are in the process of going through the transformation and journey to the cloud.

Their world is currently a hybrid world and a viable solution should cover traditional data sources, Big Data, Cloud – where ever their data is.

References:

Blog: Wrangling Data Risk: Discovery, Detection, and Protection

Press Release: Informatica Advances Data Security Intelligence with Detection and Protection of Security Threats

Blog: Top 3 Data Security KPIs for 2017

Video: RSA Conference 2017 – Informatica Vlog

Comments