It was, literally and figuratively, the perfect storm. A snowstorm forced everyone from a Wall Street wealth management company to work from home. At the same time, customers were denied access to their information and their contacts were called to the understandably interested company. The operations team determined that with data analysts working from home, the Internet pipeline was heavily loaded and dropping packets.
While this issue was quickly resolved, it generated a red flag at the next partner meeting. For some time, the CIO had advocated a move from the data warehouse to the cloud, but the potential downtime associated with that decision pushed it into the “once again” category. Now, cloud migration seemed to be the only viable solution to prevent the aforementioned incident from happening again, or worse.
Situations like this were a precursor to cloud-minded organizations and the pandemic accelerated a hyperconnected world where remote work is important and cloud migrations are frequent. With these changes, IT departments realize that the old perimeter approach to security is outdated and they need a security ideology that embraces the idea of location independence. This strategy is called data security mesh.
Definition of the data security mesh
Gartner designated one of the cybersecurity mesh methods Major strategic technology trends for 2021 and said that “it allows to define the security perimeter around the identity of a person or thing. It allows a more modular and sensitive approach of security by centralizing the orchestration of policies and the distribution of the application of the As part of this strategy, a data security mesh is more nuanced. It exists under the network layer, focusing specifically on how each user collects, stores, uses, and securely shares records. data through their individual devices.
The security policy needs to be applied at the data logging level to achieve flexibility. Each data resource may require different levels of security, allowing organizations to scale the protection of each access point and its interaction. When properly implemented, a data security mesh can protect data from any source to any destination while ensuring that existing workflows remain intact.
Creating the data security mesh
It is one thing to understand the need to implement a new strategy and another to determine the steps needed to do so. A comprehensive data security mesh strategy will address challenges that require auditing existing technology, properly training staff, and verifying technology partners.
- Audit and integrate existing technology. Old and new protection mechanisms must work together, so it is critical to understand how – or if – existing technology helps or prevents the security of cloud data. For example, you need to audit all “at rest” encryption capabilities and make sure each one is standardized. It is possible for each data warehouse to have its own data protection mechanisms, so consistent protection is needed, regardless of where the data resides or where it goes across the entire mesh. Improving current safety postures to expand from “at rest” to “in use” is one of the key advantages of mesh.
- Joncorporate mesh-centered training. The data safety net requires a cloud-based mindset among everyone who uses, shares, and protects data. Training for a data security mesh should focus on:
- Implementation of protection mechanisms based on subsequent utility, which allow access to sensitive data without exposing it.
- Mesh architecture for scaling as data volume increases.
- Ensure that application performance is measured and monitored.
One way to build a cloud-based culture is by implementing a file DataSecOps approach, where IT and data scientists work continuously to ensure that specific security measures are integrated into the infrastructure from the outset. Early collaboration between data scientists, IT, and developers is needed to ensure that these new security protocols are an inherent part of how data is accessed, shared, and stored. In doing so, applications can interact seamlessly within the mesh to facilitate the integration of legacy systems and new concepts, such as serverless capabilities.
- Potential veterinarian partners. Transferring data to the cloud requires having security partners to help ensure a successful data security mesh approach. As with any collaboration, it is vital to conduct proper due diligence and ask the right questions from any potential partner, such as the following:
- What is your identity strategy to ensure that a consistent stance is maintained in all cloud environments?
- What security and privacy certifications do you have?
- How aware are you of the rules of compliance and privacy to which our organization is subject?
Cloud computing creates an environment where there are no limitations on the location of data or how much is collected and processed. A data security mesh enables this advanced approach and provides a number of other benefits, including increased data access control, improved security analytics, mass scalability, and increased performance of all data-related functions. Data is the organization’s most valuable non-human asset and protecting it in a way that fits our growing dependence on the cloud should be a priority.
This article originally appeared in Forbes.
The post How to Protect Cloud Data Anywhere Using a Data Security Mesh first appeared on Baffle.
*** This is a syndicated blog from Baffle’s Security Bloggers Network, written by Ameesh Divatia, CEO and co-founder. Read the original post at: https://baffle.io/blog/how-to-protect-cloud-data-anywhere-using-a-data-security-mesh/