During our webinar titled Data Security Platforms — Present and Future, we had the pleasure of engaging in a dynamic conversation on current data security trends with Rob Aragao (Chief Security Strategist at OpenText) and Greg Clark (WW Director of Product Management at OpenText), alongside our guest speaker, Heidi Shey (Forrester Principal Analyst).
In this lively discussion, the panel delved into several key topics. Here's a glimpse into the highlights from the conversation:
Privacy and cyber interconnection
During the webinar, Heidi shared her expert insights on the interconnected realms of privacy and cybersecurity, emphasizing the fundamental importance of data in this connection, which encompasses both employee and customer data. She highlighted that organizations face challenges in understanding, detecting, and classifying the data within their environment. According to Heidi, bridging the gap between security and privacy is essential, and she noted the positive shift towards aligning technology controls with privacy policies.
Certainly, this interconnection raises the importance of having a unified effort between security and privacy, and Rob and Greg shared their perspectives that organizational maturity is essential for addressing these challenges. They discussed the complexities of stakeholders' involvement, the need for risk assessments, and the importance of technology in preserving privacy while enhancing security postures.
Apps and data everywhere: How to get a handle
In today's digital landscape, organizations grapple with data sprawl as they utilize a multitude of applications. The proliferation of data across an organization’s diverse platforms has created a complex environment where managing, securing, and harnessing the vast amount of information has become increasingly difficult. This scenario not only raises concerns about data privacy and security but also necessitates innovative solutions to effectively navigate the complexities of this data-driven era.
To navigate these issues, Rob and Greg emphasized the necessity for organizations to gain visibility into their data to extract valuable insights and stressed the importance of data discovery and classification, highlighting the need for organizations to thoroughly understand their data environment. This approach underscores the significance of laying a solid foundation, aligning policy frameworks, and leveraging existing technology solutions to effectively manage data sprawl.
Data lifecycle management and governance
Data lifecycle management, a crucial aspect of data governance, involves orchestrating the handling of data from its creation and usage to its archival or disposal. Given its broad scope, Greg emphasized the critical importance of adopting an integrated approach to data lifecycle management and governance, encompassing data security, privacy, and compliance practices. By aligning corporate obligations with security and privacy programs, organizations can achieve a comprehensive and cohesive approach to data governance, ensuring the right data is retained for the right period, and accessibility is controlled in accordance with regulatory requirements and organizational policies.
Heidi underscored the need for organizations to proactively review their existing data retention policies, ensuring they reflect the modern data environment. Her perspective emphasized the importance of staying agile and flexible in data lifecycle management to effectively navigate the complex interplay between data security, privacy, and the ethical use of data.
Multi-cloud and the importance of data security platforms
The shift towards multi-cloud environments has become a key trend among organizations, driven by the need for flexibility and diverse service offerings from cloud service providers (CSPs). This evolution, however, has introduced complexities related to data security and management. As organizations navigate different CSPs and cloud data platforms, the challenge lies in maintaining control and consistency across these diverse environments.
Data Security Platforms have emerged as crucial solutions, offering centralized control and policy enforcement amidst the sprawl of data storage locations. These platforms not only provide essential visibility into data assets but also offer specialized coverage tailored to various cloud environments. In the context of multi-cloud, ensuring default data protection and controlled access have become paramount, emphasizing the importance of automation and unified policies in safeguarding sensitive information effectively.
Data security across industry
Data security is a multifaceted challenge encompassing various types of sensitive information within organizations. While regulated data often takes the spotlight, it is essential for businesses to broaden their definition of sensitive data, encompassing intellectual property and other corporate assets. Discussions around data security frequently revolve around expanding the understanding of what constitutes sensitive information.
Moreover, securing external data sharing and collaboration, whether in files or structured datasets, has become a significant focus area. Heidi highlighted some data-centric technology capabilities that organizations are exploring, emphasizing the importance of protecting data and controlling it before it is placed in new environments or shared with third parties for analytics. Beyond traditional Data Loss Prevention (DLP) capabilities, Heidi discussed the significance of rights management, data masking, tokenization, and privacy-preserving technologies, underscoring the need for innovative approaches in securing sensitive information.
Innovative approaches to data security
Innovation in the realm of data security is marked by automation and the integration of cutting-edge technologies. Automation, particularly in discovery and classification, has taken center stage, driven by the need to keep pace with the ever-expanding volume of data. Machine learning and AI are leveraged to enhance the accuracy and efficiency of these processes.
Notably, Heidi discussed that the concept of default data protection—where information is persistently protected by design—is gaining traction. She highlighted that privacy-preserving technologies such as data masking, encryption, differential privacy, and confidential computing are being explored to enable secure data usage and collaboration.
These innovative approaches to data security are driving a shift from implementing isolated technologies to developing comprehensive programs that address multiple use cases while ensuring that these innovations are applied strategically in a way that aligns with the organization's risk profile and privacy requirements.
Future trends in data security
Looking ahead, the future of data security hinges on adaptability and readiness for emerging challenges. A significant area of concern is the impending impact of quantum computing on encryption algorithms. Organizations are urged to assess technology providers' crypto agility, ensuring they can swiftly transition to post-quantum encryption methods.
Additionally, advancements in technology-assisted protection, driven by AI and machine learning, will continue to play a pivotal role. These technologies will not only identify sensitive information but also recommend and enforce protection measures proactively. The collaborative efforts of technology, policy, and strategic planning will be crucial in fortifying data security against evolving threats and challenges.
For an in-depth exploration of the latest advancements in Data Security Platforms, we invite you to download your copy of 'The Forrester Wave: Data Security Platforms, Q1 2023,' authored by Heidi Shey. This comprehensive guide offers a meticulous evaluation of solutions in the data security market, providing valuable insights into various criteria. Download your copy of The Forrester Wave: Data Security Platforms, Q1 2023.