Is data security blocking your digital innovation? Data-centric protection can remove the obstacles

You probably hear a lot about technical concepts such as digital modernization and transformation. Modernization and transformation quite simply are ways to upgrade all or parts of an IT infrastructure to current- or next-generation tools and processes so that they better align with how your organization does business, with the sole purpose of enabling your organization to work and produce more effectively. These activities aren’t end goals for many of our customers, though, but rather stepping stones to achieve something bigger and far more meaningful. That end goal is digital innovation.

Digital Innovation Defined

Digital innovation is the way in which your organization uses software technologies to solve market problems more efficiently and effectively, problems that plague your market as well as your customers. Digital innovation gives organizations a distinct competitive advantage. Two major factors feed digital innovation: those aforementioned software technologies, and the data that software processes and analyzes, working in tandem to generate actionable insights that help your organization compete. Take, for example, a large financial services enterprise that uses the massive amounts of transactional data it collects from its existing customers in order to find latent purchasing patterns, revealing new types of desirable services, or new types of customers, or both before its competitors discovers the same. This is what we really mean by digital innovation.

Data Security Can Create a Roadblock

To achieve digital innovation, you have to work more nimbly and intelligently with large quantities of data. Many organizations are changing their application architectures to embrace the full potential of cloud, shifting to a cloud-native posture (via Kubernetes and container-based deployment models as well as micro-services) and DevOps practices. This speeds up the development cycle and creates hyper-agility and the ability to iterate and innovate more quickly. Doing this more quickly propels your organization, again, toward insights and innovations before the rest of the market.

Unfortunately, it also puts all that enterprise data at risk, because applying more traditional data security controls such as perimeter-based protection and access measures just doesn’t work for highly dynamic and transient data. Many enterprise applications just can’t work gracefully with encrypted or similarly protected data, either, so data goes unprotected in many enterprise workflows, or it is continually protected and de-protected in an inefficient and still-vulnerable process that inhibits the much-sought-after hyper-agility. Because data is now so fast-moving, some organizations actually lose track of where all their sensitive data is in the data environment. To make matters worse, regulations mandate very particular data handling and processing guidelines, and the penalties of non-compliance can be severe. In a way, you can say that data security can actually present roadblocks to your quest for digital innovation.

Data-Centric Security to the Rescue

A data security platform can provide a holistic approach by providing key data-centric capabilities that keep data secure from first touch—during data acquisition—through the activities such as data curation and analysis and ultimately to archiving and data destruction. This provides a view of data security through the lens of the complete lifecycle of your data, not just a single stage in a workflow or a certain snapshot in time.

One key part of the workflow that many enterprises overlook is the data discovery portion, which is critical to implementing the right policies and protection measures. Finding your sensitive enterprise data importantly helps to determine its lineage and various uses within the organization, including who accesses it and which applications process it. Effective data discovery creates additional efficiencies by enabling you to protect only sensitive data and datasets within your repositories rather than taking an all-or-nothing approach. You’ll gain a more granular understanding of your data and the level of risk within your repositories.

Once these usage patterns are uncovered, you can work without the risk of unknowns in your data ecosystem, applying the right controls and data-centric protection which enables you to protect sensitive information while being able to work with it in its protected state.

The Real Value of Data-Centric Protection

Data-centric security enables you to secure the data itself, rather than borders and perimeters around it, by replacing sensitive information with benign placeholders. It travels with your data, which helps to secure all that transient cloud-based data around which you would never be able to define traditional perimeters. More importantly, though, your data analytics applications do not have to be modified to work with data-centric protection, nor does the data itself need to be de-protected except in very specific workflow-specific instances. The reason is that data-centric security preserves the original format of the protected data element. Therefore, you can retain and analyze the correlations and relationships between and among data elements as though it were de-protected.

Trevor J. Morgan is responsible for product management at comforte AG (https://www.comforte.com/, where he is dedicated to developing and bringing to market enterprise data protection solutions. He has spent the majority of his career in technology organizations bringing to market software, hardware and services for enterprise and government customers. He has held senior-level, lead positions in sales engineering, product management, software architecture and product marketing in companies like Cisco, Capital One and Ciena. He holds a Ph.D. from Texas Tech University and a bachelor’s and master’s from Baylor University.

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.