Technologies and Best Practices for Cloud Security and Governance

As data environments continue to grow in complexity, the ways to govern and secure that data do as well. Cyberthreats evolve just as rapidly as technology does, requiring innovators to stay ahead of the next attack while ensuring data is still accessible to people when and where they need it.

Experts joined DBTA’s roundtable webinar, Data Security and Governance in the Cloud Era, to explore the latest technologies and best practices for navigating the cloud with security and governance in mind.

According to Joshua Stenhouse, field CTO of cyber resilience at Rubrik, a simple backup to a previous state of your environment does not equate to true cyber resilience. Instead, Stenhouse argued that recovering from a cyberattack—and doing so quickly—is the signifier of how robust an organization’s security foundation is.

Rubrik, Stenhouse explained, can be that robust security foundation, consolidating backup silos all while reducing risk from a single pane of glass. Additionally, Rubrik offers Data Vaults, a bunker-in-a-box approach to rapidly recovering from a cyberattack that offers 100% immutable backups, built-in scanners, and scale-out performance. Rubrik is also able to detect encryption attacks, discover sensitive data, hunt for threats, and automate recovery.

Kevin Pedersen, solutions architect at Pythian, recognized that though the cloud certainly has its advantages, it has an equal number of challenges when it comes to security and governance.

To combat these challenges, Pedersen emphasized applying software engineering principles to reduce risk. These principles include:

  • Creating configuration consistency
  • Enabling a test-driven approach
  • Increasing visibility and collaboration
  • Extending accountability
  • Reducing delivery and operating costs
  • Increasing release velocity
  • Detecting issues earlier in the release cycle
  • Establishing a culture of data-driven decisions

He further explained that shared ownership can help in addressing the challenges of the cloud. Sharing ownership reduces silos, makes failures easier to accept and manage, builds value iteratively, and creates visibility to then drive decisions with data.

Eric Schoepfle, data enablement solutions at Satori, explained that data governance is something that matures over time. Ideally, the outcome results in easy to find data that’s fit for purpose and provides the highest level of value while also adhering to a high level of compliance.

However, Schoepfle pointed out that this is not what’s happening. Instead, data governance creates more work, and is therefore hard to justify in terms of business value.

For data governance to truly work, it requires a collaborative effort from security to engineering and data consumers, all armed with  ways to promote a culture of secure data.

This collaboration is made easy with Satori’s data security platform, where managing access to data is the same as managing access to apps. Access is based on an automated, self-service, unified approach that invites central management and federated operations. The platform provides deep visibility into your data to ensure compliance, backed by granular security and privacy policies that are universally applied to all data stores.

As James Beecham, founder and CEO of ALTR, put it, there is a new data literacy emerging; the CDO and CISO are on a collision course surrounding the value of enterprise data in the cloud.

While CDO’s are concerned with data quality, accuracy, availability, and lifetimes, CISO’s are equally concerned with data confidentiality, integrity, security, and privacy. Despite these different needs, they both converge in wanting to achieve business value from the data itself.

In order to address these needs simultaneously, Beecham explained that the key lies in increasing rapid data consumption by removing data governance blockers. ALTR enables enterprises to overcome objections to putting data in the cloud, protecting sensitive workloads and offering real-time visibility over data access, backed by an ecosystem of integration.

Ultimately, ALTR offers three critical capabilities for managing data security in the cloud: real-time observability, real-time access control, and real-time alerts and notifications.

For an in-depth discussion of security strategies for the cloud, featuring demos, use cases, and more, you can view an archived version of the webinar here.