The Emerging World of Data Security Posture Management
Recent data breaches across the enterprise have led to a new data security approach called 'DSPM.' But what is DSPM anyway, and what does it mean for the enterprise?
Join the DZone community and get the full member experience.Join For Free
The post-COVID world has seen more organizations adopt remote and hybrid work, allowing employees the flexibility to work from anywhere (WFA). While the move to a remote-hybrid work model for business operations comes with several benefits — like reduced cost and employee retention — it has not been without some challenges. For one, the proliferation of remote-hybrid work also meant that more organizations began migrating their workloads to multi-cloud environments as teams sought to work effectively without interruptions. In fact, one article on Forbes notes that the cloud is the backbone of remote work.
But with more employees working remotely from different parts of the world and sensitive data moving across multi-cloud and hybrid IT architectures, companies are faced with several security risks. From unsecured Wi-Fi networks used by employees to weaker security controls, to cloud misconfigurations, and more, the WFA model has widened the attack surface more than ever before. To put this in a practical perspective, Fortinet’s most recent “Work-From-Anywhere Global Study” shows that over the past 2 to 3 years since COVID-19, “nearly two-thirds of companies have experienced a data breach due to their WFA-employee vulnerabilities.”
Data breaches at Equifax, Solarwinds, and, more recently, T-Mobile have shown many organizations a stronger need for data security. This is what has now given rise to a new approach called data security posture management (DSPM), which aims to help organizations gain a consolidated view of data risks across their entire IT environments.
What Is Data Security Posture Management?
Research firm Gartner notes that “Data security posture management (DSPM) provides visibility as to where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is.” Gartner further lists users of DSPM to include players in “information technology (IT) departments, security teams, compliance teams, and executive leadership.”
So long as an organization utilizes data in any form, the onus is on that organization to protect the data. The modern-day organization needs to have the capacity to prevent unauthorized users from accessing data as it moves across on-premises, cloud, hybrid, and multi-cloud environments. This can be challenging in the public cloud, in particular, where there’s a lack of visibility over what data is in use and where.
Since most organizations do not have that capability in-house, third-party vendors are emerging to fill the gap. One such company is cloud data security vendor Sentra, which says it’s “making data the new center of gravity.”
“Today’s security approaches are blind to the movement of sensitive data traveling through the cloud environment. Sentra’s platform understands today’s Dynamic Data Lifecycles and offers a dynamic security lifecycle to match,” notes the company’s website.
Yoav Regev, cofounder and CEO at Sentra, believes data security can give flight to organizations in today’s world. “Today, most organizations view security as a blocker to business success, not an enabler. Sentra was founded because we believe this thinking to be flawed, as data security should be a business’s most important enabler. When data is used efficiently and protected appropriately, organizations can move faster in this digital age and ensure business continuity,” says Regev.
Another data security expert, Yotam Segev — cofounder and CEO at data security company Cyera — notes that DSPM is the solution that the data security world needs. “Not too long ago, your crown jewel files were domiciled in the four walls of your office. With the move to the cloud, the files and data are scattered across many different systems, and the question is: ‘Where are my sensitive data, and how do I secure them?’ That is what DSPM is here for,” he said on a Last Watchdog podcast.
How DSPM Protects Data
Although the cloud has fast become the storage platform of choice for organizations to store data, it brings in an added vulnerability where every file or data element can be easily shared with anyone around the globe. This data can also be easily copied, duplicated, modified, and shared. With sensitive data on the line, this presents a very unique security challenge, one DSPM is now poised to solve.
Jonathan Roizin, cofounder and CEO at Flow Security, explains how DSPM helps organizations to firm up data security. “First, it must identify all the sensitive cloud data, from intellectual property to financial to PII/PCI/PHI,” he explains.
Then, he continues, it gathers all the information about what data is being shared with whom and tracks data lineage as it moves across the environment. Identifying where the data may be at risk is a crucial step, as it provides visibility into which data is being shared in accordance with corporate security guidelines and where violations are happening. Typically, DSPM will alert SOC analysts to provide actionable insights.
Finally, and perhaps most importantly, “DSPM can remediate those issues as they are happening. For example, it might fix access control issues or permissions. Or, it may disable sharing a sensitive file with a third party that should not be shared,” concludes Roizin.
What Is the Outlook for DSPM?
Since its entry into the Gartner Hype Cycle for Data Security, 2022, in the first position, DSPM has been on the rise. According to the Hype Cycle, DSPM’s market penetration is less than one percent currently. But security professionals can differentiate themselves and their organization by using DSPM to decouple data growth from data risk. With this strong foundation, CISOs can make risk-based decisions about data security, governance policies, compliance concerns, and appropriate security controls — creating peace of mind for themselves and other stakeholders.
While DSPM is a new concept, subsets of its general functionality are seen in current tools for cloud security. Unfortunately, their functionality is siloed, and these standalone tools do not fulfill all major functions of DSPM required for systematic, comprehensive, and effective security of all cloud data.
It is left to be seen what the growth of DSPM will be in a brave new world where a data-first approach is key.
Opinions expressed by DZone contributors are their own.