Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline.
Why current data security approaches are falling short.
This is where the modernization ends for many, as most still rely on traditional data security methods that were built for on-premises environments, where data sources were both small and manageable.
The modern data stack comprises an explosion of data sources, data consumers, and use cases.
Securing data is a primary concern for data and infosec teams as information is no longer limited to what was generated by trusted data consumers or was contained behind their own firewall.
On the other hand, modern architectures comprise a hybrid of centralized data infrastructures, disaggregated compute engines, and distributed applications, which makes older approaches to achieving data security untenable.
Like the modern data architecture itself, a modern data security approach must be flexible, scalable, and able to support numerous hybrid data ecosystems so that consumers can use multiple data consumption approaches.
Then there are interoperability factors: databases, files, events, and/or APIs may be offered by different vendors, each with their own style and approach to data security.
Complicating matters further is the lack of common security standards, as traditional products are designed for either operational or analytical data stores and may be unable to interoperate with one another.
Organizations are now rethinking data security by examining the numerous layers of their legacy data stack and determining interoperability, scalability, and security needs without applying any pre-existing assumptions.
The shift left concept was originally designed for software engineers to continuously monitor and test early in software development lifecycles; shift left data security applies it to address potential data security issues sooner in the data journey.
Shift left data governance allows policies to be attached to data workloads as soon as they leave source systems and remain attached all the way to the cloud and to data consumers.
By identifying, preventing, and tackling data governance and security issues earlier, to the left of the cloud data warehouse, teams can take the strong access governance and security capabilities already available on cloud data warehouses and extend them back to data as it leaves source systems.
It enables data users to ensure the proper policies are attached and applied while data is in motion and at rest.
Instead of being confined to data quality or data reliability, security needs to become another use case application of the underlying data and be unified into the rest of the data observability subsystem.
By doing this, data security benefits from the alerts and notifications stemming from data observability offerings.
Data governance platform capabilities typically include business glossaries, catalogs, and data lineage.
As a result, these proactive and transparent views over the security of critical data elements will also accelerate application development and improve productivity.
Leaving sensitive and regulated data unprotected before it reaches cloud data warehouses puts that data at high risk of exposure.
The concept of data mesh and initiatives such as data products are pushing the accountability for data to the business domain teams that reside on the left.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Fri, 08 Dec 2023 05:43:32 +0000