Symmetry DataGuard doesn't simply augment existing SaaS platforms with data classification to claim DSPM coverage instead, it was designed from the ground up to maximize the protection of data. Symmetry DataGuard is a purpose-built data security posture management platform. This should include removing sensitive data from inappropriate environments, identifying, and eliminating misconfigurations, and data minimization by archiving or deleting data or by deleting unused privileges from active accounts. Minimize blast radius: Organizations must constantly assess the volume of data at risk and prioritize pragmatic steps to minimize the potential impact of a security breach of a single identity, data store, vulnerability, or misconfiguration. This should include ensuring multi-factor authentication is required for all identities with access to sensitive data and data stores that contain sensitive data and removing dormant accounts from the environment. Reduce data attack surface: Organizations should have processes in place to use the results of this analysis to proactively identify and reduce the data attack surface. This should include determining the level of encryption of the data, the validity of hashing and tokenization of data in certain environments, and most importantly the validation of cloud configurations and access controls, including authentication required to access data. Monitor data activity and data flows: An important next step is to ensure you have visibility into activity and the flow of your data, because it improves your ability to detect and respond to any anomalies or indicators of compromise as you improve your data security posture.Īssess data security controls: Once you have this visibility and insight into your data, you can conduct an evidence-based assessment of your data security controls. Inventory your data: A data inventory-that is a comprehensive list of all data stores and the sensitivity of the data within them-is an essential first step in determining the current status of capabilities. To maintain a good data security posture, organizations should do the following: Overall, a robust organizational data security posture involves a comprehensive approach to managing the security of an organization's data, including continuous inventory and classification of data, ongoing assessment and improvement of data security controls, proactive rightsizing of access to data, and a commitment to continuous monitoring and response to unusual usage of data." This includes identifying the types and volumes of data that could be affected, as well as the estimated costs and predicted consequences based on current control effectiveness. Data security posture is an assessment of an organization's data store or individual data objects:ĭata attack surface: A mapping of the data to the identities, vulnerabilities, and other misconfigurations that can be used as entry points to gain access to it.ĭata security control effectiveness: An evidence-based assessment of the data security and privacy controls against industry best practices and organizational policy.ĭata blast radius: A quantifiable assessment of the data at risk or the maximum potential impact of a security breach of a single identity, data store, vulnerability, or misconfiguration. Symmetry Systems defines data security posture as ".the current status of the capabilities required to protect data from unauthorized access, destruction, and/or alteration. There certainly is a lot being marketed and published about data security posture management solutions themselves, but we first wanted to dig into what is data security posture? Since that report, Gartner has identified at least 16 DSPM vendors, including Symmetry Systems. In that report, Gartner1 seems to have kicked off the popular use of the data security posture management term and massive investment in this space by every VC. But what exactly is data security posture, and how do you manage it?ĭata security posture management (DSPM) became mainstream following the publication of Gartner® Cool Vendors™ in Data Security-Secure and Accelerate Advanced Use Cases. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected.
0 Comments
Leave a Reply. |