This is the first blog post in the series “From the Desk of Yoran”.
Yoran Sirkis is the CEO of Covertix. A seasoned executive, Yoran has more than 20 years of experience in information security, specializing in Data/Physical Risk Management. He is also a frequent speaker at leading industry conferences.
The Need for Data Centric Security
Remember when you only had one phone and it only operated during business hours? Or when all the enterprise’s files where stored in binders in a storage room on floor -2? I do… although it does seem like a lifetime ago.
In today’s business environment, with the well-established digitization of the organization, people as well as information are everywhere.
Enterprise applications and storage are moving to the cloud, adoption of the Bring Your Own Device (BYOD) trend is growing and mobility is here to stay. The organization’s confidential data is no longer used only within the organization and this data needs to be protected. The data must be kept secure. Anywhere, anytime whether it is at rest, in motion or in use. It is the age of data centric security.
People Are Everywhere and So Is Your Data.
In the past decade we have seen a tremendous improvement in enterprise collaboration. Tools such as SharePoint and other Office 365 tools, Google Apps and DropBox, show a direct increase in productivity. The evolution of enterprise CRM solutions makes it easier than ever to ensure you never miss a business opportunity.
However, as the enterprise work environment changes, so does the threat landscape and security needs. Cyber security threats race against protection tools so organizations need to ensure they remain on the winning side of that race, with their data protected, at all times.
So while the adoption of mobility and collaboration tools does increase productivity, it also brings new security challenges. How do you protect a piece of data once it leaves the person who created it? Can you guarantee it will not be copied, forwarded to a wrong person or edited without permission? Can you keep confidential files protected even in the case of a data breach?
In addition, compliance and regulations also adapt and require persistent protection of the data wherever it resides. As owners of their data, organizations are responsible for the protection of it and as such, are accountable if it is breached.
Enterprise security officers learn to juggle these issues, but in the age of data centric security the focus is switched from top down, to bottom up. Think of how you once protected the recipe of a successful snack. Most probably handwritten, a single copy, in a safe with only one or two people having access to it. Data centric security assures the information in that copy is always secure. Even in today’s business environment where digital copies of documents are shared and accessed by different people, using multiple devices, in unknown locations.
I hope this helped clear the fog around “data centric security” and proved that is more than just a buzzword.
In my next post here I will be writing about the ROI from a data centric security solution and how it replaces multiple security solutions (such as vaults, DLP and cloud security) with a single one.
Feel free to reach out to me at firstname.lastname@example.org!