Official forum for Utopia Community
You are not logged in.
Data security is undergoing a revolution. Organizations are increasingly realizing the opportunity to provide evidence-based security that demonstrates how their data is protected as new data security posture management solutions enter the market. How do you manage data security posture, though, and what exactly is it?
After Gartner® Cool VendorsTM in Data Security—Secure and Accelerate Advanced Use Cases was published, data security posture management (DSPM) gained widespread acceptance. Gartner1 appears to have started the widespread use of the term "data security posture management" and significant VC investment in this field with that report. Since that report, Gartner has identified at least 16 DSPM vendors, among them Symmetry Systems.
Describe Data Security Posture.
Data security posture management solutions are undoubtedly being advertised and published widely, but we first wanted to delve into what data security posture actually is.
According to Symmetry Systems, data security posture is ".
Dot the current state of the necessary tools for safeguarding data against unauthorized access, erasure, and/or modification.
An evaluation of an organization's data store or specific data objects is known as data security posture.
Data attack surface: A mapping of the data to the identities, weaknesses, and other configuration errors that can be used as access points to it.
Effectiveness of data security controls: A fact-based evaluation of the controls' adherence to organizational policy and industry best practices.
Data blast radius: A quantifiable evaluation of the data at risk or the greatest possible effect of a security breach involving a single identity, data store, vulnerability, or configuration error. This entails identifying the data types and volumes that may be impacted, as well as the estimated costs and anticipated consequences based on present control effectiveness.
Overall, a strong organizational data security posture entails a thorough approach to managing the security of an organization's data, including continuous data inventory and classification, ongoing assessment and improvement of data security controls, proactive rightsizing of access to data, and a dedication to continuous monitoring and response to unusual usage of data. ".
Businesses should take the following actions to keep their data secure:.
Data inventory: A data inventory, or comprehensive list of all data stores and the sensitivity of the data they contain, is a necessary first step in determining the state of capabilities at the moment.
Monitor data activity and data flows: As you strengthen your data security posture, it's crucial to make sure you have visibility into the activity and the flow of your data. This will enable you to spot any anomalies or signs of compromise and take appropriate action.
You can conduct an evidence-based assessment of your data security controls once you have this visibility and understanding of your data. This ought to involve figuring out the data's level of encryption, the accuracy of data hashing and tokenization in particular environments, and most importantly, the verification of cloud configurations and access controls, including the authentication needed to access data.
Reduce the data attack surface: Organizations ought to have procedures in place to use the findings of this analysis to proactively recognize and minimize the data attack surface. This should involve clearing out dormant accounts from the environment and requiring multi-factor authentication for all identities with access to sensitive data and data stores that contain sensitive data.
Reduce the impact of a security breach caused by a single identity, data store, vulnerability, or configuration error by prioritizing practical actions and constantly assessing the volume of data at risk. As part of this, sensitive data should be removed from inappropriate environments, misconfigurations should be found and fixed, and data should be minimized by either archiving or deleting data or by removing unused privileges from active accounts.
Symmetry DataGuard Solution.
The platform for managing the data security posture is called Symmetry DataGuard. In order to claim DSPM coverage, Symmetry DataGuard does not simply add data classification to already-existing SaaS platforms; rather, it was built from the ground up to maximize data protection. To make sure that data never leaves the control of the customer, the platform is typically deployed within the customer's cloud environment. Regardless of how sensitive the data is or the different compliance regulations, this deployment model works well.
The Symmetry DataGuard platform's core consists of a deep graph of data objects, identities, and all access permissions and operations made on the data objects. Organizations can manage their data security posture using the components provided by this interconnected graph. We looked into the Symmetry Solution to see how it assists businesses in resolving a few crucial issues.
Inventory of data.
Following installation and configuration, Symmetry DataGuard collects data from cloud environments. Installing within the customer's cloud environment facilitates this, but Symmetry DataGuard can aggregate data from all of your cloud environments as long as it has the necessary permissions to query the data. Symmetry Systems advises installing Symmetry DataGuard in every cloud environment (i.e., to prevent irrational data egress fees). e. AWS, Azure, etc.
).
Information about is quickly gathered by agentless discovery.
the setting of the cloud.
The identities with access to the environment, including users, services, roles, and groups.
the environment's datastores.
The picture below shows some examples of the environment inventory data that Symmetry DataGuard has gathered:.
posture for data security.
Figure 1 shows data from Symmetry DataGuard's data environment inventory.
The knowledge gained here is used to launch a sampling of the data in the identified datastores. The sampling strategy can be fully customized. Symmetry DataGuard offers a large selection of prebuilt data identifiers that locate and categorize an organization's data within the identified datastores using a combination of keywords, regex pattern matching, and machine learning-based matching. In order to improve the set of identifiers and increase the precision of their classification process, Symmetry Systems collaborates with their clients to develop, adapt, and enhance them.
Organizations are given searchable views and visualizations of their data inventories thanks to this insight into the categorization of data within each data store, which is added to the deep graph. These data inventory examples are surprisingly lovely, as can be seen in the picture below:.
Data Security Position.
By mapping identities, access, data types, and storage locations, data visualizations can improve the accuracy of the data classification process (see Figure 2).
Track data flows and activity.
Symmetry DataGuard gathers telemetry on all data activity or data operations being carried out on data within your environment as part of the discovery and ongoing monitoring of the environment. This covers failed and rejected attempts. By using this telemetry, it is possible to gain a more comprehensive understanding of who is accessing an organization's data and where it is moving to or coming from as a result.
In order to help organizations identify external data flows, unsuccessful attempts to access sensitive data, and a variety of other intriguing data-centric threat detection scenarios, this information is cross-correlated with the data inventory.
Below is an illustration of how these flows are visualized:.
Position on data security.
Figure 3: Data flows assist organizations in identifying data-centric threat detection scenarios.
Create, read, update, and delete operations are divided into four high-level classes. When evaluating unusual or high-risk activity against particular data, this is helpful.
Conduct a data security controls assessment.
Additionally, Symmetry DataGuard evaluates the identity and data security configurations, and it can issue alerts when either of these settings deviates from predefined guidelines or is altered. These configurations may involve figuring out whether:, but they are not restricted to that.
Data has been encrypted. (This includes indigenous.
).
MFA is activated.
Monitoring is activated.
For the data-centric portions of the Center of Internet Security (CIS) benchmarks and other compliance frameworks, Symmetry DataGuard has out-of-the-box compliance policies that are used to check for compliance. The dashboard for compliance examples are provided below:.
Data Security Position.
Figure 4: The Symmetry DataGuard compliance dashboards include pre-built compliance policies that can be used to assess adherence to data-centric benchmarks from the Center of Internet Security (CIS) and other compliance frameworks.
Information about the configuration that was checked during each compliance check can be found on the compliance dashboard, along with the corrective actions that were taken. When one of the compliance checks is expanded, we obtain the specific outcome that is shown below:.
Data Security Position.
Figure 5: Information about configuration and corrective action is included in compliance checks.
Organizations can check their data for errors and compliance with different regulatory frameworks (PCI DSS, SOC 2, etc.) using the compliance dashboard.
).
Organizations operating in highly regulated sectors depend on Symmetry DataGuard's compliance checks because they are more accurate than other compliance configurations carried out at the cloud infrastructure.
What to Remember.
The attack surface and blast radius of the data in your organization are decreased by a strong data security posture. A thorough understanding of the data itself, the identities that can access it, the controls that protect it, and monitoring of the operations being carried out are necessary for achieving and maintaining a good data security posture. A top platform like Symmetry DataGuard has the capacity to maintain data inventories, track activities and operations, check for secure data security configuration and compliance, and provide evidence-based data security.
You can request a demo at Symmetry-Systems.com if you're curious to learn more about Symmetry Systems and their data security posture management solution, Symmetry DataGuard.
Offline