How to keep your data on lockdown
A new report on critical data security trends in 2019 highlights the challenges of protecting access to increasing volumes of sensitive data that is created and stored by organizations today.
According to the Vice President of Business Development at Axiomatics, Gerry Gebel, more companies are migrating their application workloads to the cloud, and new security needs are beginning to arise as a result of this “new normal” of a hybrid model that combines on-premise and cloud infrastructures.
He adds that protecting assets at a micro level are now key as companies develop new models and tools to protect their sensitive digital assets. All of this is needed to maintain their reputation and adhering to compliance mandates while improving the overall customer experience.
# 1 | Staying secure in the cloud
As always, companies are trying their best to hone their competitive edge whilst putting a protective shield on sensitive information. As the migration of data, applications, and workflows to the cloud continues, companies are integrating more Artificial Intelligence (AI) and Machine Learning (ML) data projects to ensure the smooth transition.
A priority in augmenting basic security capabilities of the cloud platform and cloud data service providers is emerging as more companies opt for solutions from AWS and Microsoft Azure that offer simpler, cheaper and more flexibility in terms of their data storage solutions.
The emergence of microservices, service meshes, and APIs are crucial in accessing sensitive or regulated data through fine-grained access is giving rise to OAuth and Attribute Based Access Control models. Companies are seizing on this as a real business advantage, as authorization as microservice, be it deployed on its own or as a complementary service alongside the app can be a real boon.
# 2 | The domino effect of risk
Some of the benefits associated with this trend include proper management and governance of access scopes and cleaner APIs. The report also highlights that the furor over General Data Protection Regulation (GDPR) and how it is implemented all over the world has companies worried.
There seem to be data privacy concerns that are directly linked to the recently signed United States, Mexico, Canada Agreement (USMCA) agreement (NAFTA 2.0). Data localization will now be restricted, and data will flow freely across borders.
While Canada and California have also passed new data protection laws with GDPR’s benchmarks taken into consideration, organizations will need to build up new security measures to adhere to the regulatory requirements. Perhaps context-sensitive and risk-based access controls models across the board in an enterprise setting may be the way forward.
# 3 | IT skills gap and IoT concerns
The IT skills gap is something that is becoming an issue for markets across the globe. Identity and Access Management (IAM) tools are being cited an example where organizations need to continue investing in training for employees. Companies like IDPRo are ensuring their focus is on paving the way forward for the next generation of digital identity professionals the world over.
The Internet of Things (IoT) paradigm is being touted as one of the main reasons analytics is playing a big role in scrutinizing vast amounts of data. At the same time, finer-grained access control is required to protect these ‘data lakes’.
# 4 | Security at the forefront
“As more data is generated through IoT devices and moved to the cloud, it becomes increasingly important to share that data securely across an enterprise to generate analytical insights,” said Pablo Giambiagi, vice president of strategic research at Axiomatics. “As a result, businesses are in search of modern tools and approaches to stave off unauthorized access to data and mitigate their chances of a data breach in 2019.”
Vice President of Strategic Research at Axiomatics, Pablo Giambiagi, believes that the increasing importance of data sharing in order to generate insights will lead companies to modernize their approach towards reducing data breaches and unauthorized access through better tools and processes.
22 March 2023
22 March 2023