The pace at which traditional companies have building digital products and customer experiences has grown during the past two years, but now it’s accelerating even faster. Companies are using automation and artificial intelligence to change the way they operate, allowing dramatically faster processes and deep insights into customer behavior. Likewise, companies are transforming their product and service lines with innovative offerings they would never have considered in the past. All of this is producing a lot of data, and increasing security concerns.
Having worked as a CIO for many years at places like Qualys and Pure Storage, I decided I would only advise companies where I would buy their product. Veza is one of those companies which I have been fortunate to have advised from it’s inception. After I first met it’s Tarun Thakur and seen it being built to it’s launch I believe Veza is poised to provide long term value, as a key part of the security equation that’s currently missing from most companies’ IT strategies.
Accelerated cloud migration is changing company habits
Investments in digital transformation are expected to keep accelerating: one IDC survey forecasts that digital transformation initiatives will account for more than half of IT and communications spending by 2024. Cloud services are essential for digital transformation because they permit new ways to engage with customers, suppliers and business partners in ways that would be difficult, if not impossible, with legacy IT. Also driving cloud transformation is the sudden shift to remote and hybrid work, initiated by the pandemic but a trend that seems likely to remain permanent for many companies.
Digital transformation means migrating legacy IT infrastructure, applications, and communications systems to modern cloud-hosted solutions. Once organizations shift from legacy systems to cloud-based solutions, they typically end up with an exponential increase in the volume of data that security teams need to protect.
The data security challenge
The move to modern cloud infrastructure and SaaS applications means data previously siloed in on-premises data stores is now consolidated into cloud and data lakes. And new data is being created at a dizzying pace as well. Increasingly, businesses are embedding software into their product offerings and customer experiences, gathering more data that lets them understand customer behavior and respond accordingly. Taking telemetry from sensors, processing online orders, and automating processes are just some examples of how new forms of data can enter an ecosystem.
As companies evolve into data-driven businesses, they now have an influx of information coming in from various sources, at least some of which is sensitive or personally identifiable information. And all of that data needs strong access controls and protection.
Regardless of their industry, businesses undergoing digital transformation are becoming technology companies. Data has become a huge asset, even for non-technical companies, creating a more attractive target for theft and misuse. And with regulators stepping up enforcement of privacy laws, companies are realizing they need to make data security a top priority, not just for privacy and compliance, but to maintain a basic level of customer trust. Protecting cloud data and securing these new digital offerings for authorized remote access can be much more difficult than securing enterprise infrastructure and endpoints. But it simply has to be done.
Limitations of current data security tools
Just as moving legacy IT to the cloud requires a new architecture, traditional tools aren’t sufficient to safeguard cloud data. Existing auditing and compliance tools require too many manual processes, and current application security and privileged access management tools don’t provide the visibility necessary to intelligently automate access controls at scale. It’s not reasonable to expect already overburdened DevOps teams to address this ever-growing challenge. Their focus should be on agility and productivity, not security.What’s needed is a reliable software solution.
While there are numerous cloud data security solutions available, very few are properly focused on the reality that organizations are going to continue to dramatically expand their use of cloud platforms over time. The volume of data is going to increase accordingly, and any solution for providing secure, reliable, appropriate access to that data 24/7 has to scale seamlessly.
In these new data-driven environments, forward-thinking CIOs and CISOs need to consider the following questions:
• Do the right people have seamless access to the right data stores?
• Do they also have access to data they didn’t need, or don’t need anymore?
• How are authorizations approved, including special requests?
• How is data access controlled, visualized, recorded, and made auditable?
Veza is a comprehensive platform that’s purpose-built to address all of these questions. For companies increasing their investment in data-driven, dynamic environments, Veza provides data authorization that scales, starting with a complete, understandable map of exactly who is authorized to access which data under what condition across all data stores. With APIs that link to specific data stores, system administrators can then confidently automate authorization to ensure that the right people always have access to the right data at the right time, based on that organization’s policies and the roles and privileges of every user, even as those roles and privileges change over time.
This powerful, centralized, transparent approach puts organizations in control of their data again, even in fast-moving, multi-cloud environments being accessed by complex workforces all over the world. If you’re curious about Veza, I strongly encourage you to find out more at www.veza.com.
5 Actionable Strategies to Improve Security Posture
We did a deep dive into cyber security, identity security, and evolving digital threats. Implement…
A field guide to bad permissions part 2: expired permissions
Why expired permissions go unnoticed The main reason expired permissions go unnoticed is that it’s…