Data Security Platforms Represent a New Reality in Data Protection
By Ameesh Divatia, CEO and co-founder | December 16, 2021
Since Baffle’s inception, we have enthusiastically asserted that data protection should be the North Star for any successful security initiative. The objective should not just be to adhere to data protection laws such as the GDPR (The General Data Protection Regulation) for EU citizens or the CCPA (California Consumer Privacy Act) for California residents but to take proactive steps to stop data breaches from occurring altogether. This approach aligns with the advent of cloud data analytics and data sharing as data’s value continues to skyrocket. We believe Gartner’s recent report, “ 2022 Strategic Roadmap for Data Security Platform Convergence,” echoes that data-centric sentiment and outlines how data management partnerships will evolve in the coming years.
As per Gartner, “Organizations use an increasingly complex set of security controls. Successful SRM leaders can significantly improve business utilization and data value by building a migration plan from siloed data security offerings to data security platforms enabling simpler, consistent end-to-end data security.” The report indicates, “By 2024, 30% of enterprises will have adopted DSP, up from less than 5% in 2019, due to the pent-up demand for higher levels ofdata security and the rapid increase in product capabilities.” In addition, by partnering with a DSP vendor, data controllers will spend less time managing vendor relationships and have a more comprehensive security deployment for data subjects.
The report has a great deal of valuable insight, and here are a few points that resonate as a solution provider in the data security space:
The emergence of DSPs reflects the growing complexity of data privacy and security.
When protecting data at rest on-premises was the primary security concern, protection efforts were very straightforward. But data sharing and transfer of personal data make protection more complex. Today, organizations use this sensitive data in many ways, share it with multiple parties, and store it both on-premises and in the cloud. Each use requires a specific protection method and can add yet another solution provider into the mix. Organizations dedicate more time and resources to managing a new partnership with every new provider.
As Gartner® points out, this complexity “is encouraging vendors to rapidly amalgamate disparate data security capabilities into data security platforms. organizations applying these newer platforms are securing their data better and more easily.” We could not agree more with this assessment. Protecting data with multiple solution providers is challenging because solutions do not always integrate and, in some cases, are entirely siloed from one another. DSPs represent a more efficient and comprehensive means for protecting data and preventing non-compliance with data privacy laws.
The report also tracks how quickly data security solutions have emerged in the last 10+ years. “In 2009, data security controls focused primarily on database activity monitoring (DAM) and then database security a few years later. By 2014, non-human business assets, and protection methods, like data masking and tokenization, became more prevalent. This brings us to today, where Gartner sees the DSP market as including everything from encryption and data discovery to data access governance (DAG)”. As technology evolves and more impact assessments are made, we should see new protection methods emerge.
The cloud is making comprehensive data security available to more organizations.
The Gartner report points out that cloud-based security offerings will make “most of the DSP security objects available via low threshold API integration, making best-in-class data security controls achievable and affordable for many.”
From a business perspective, these data protection principles for smaller companies mean they can securely engage in the same data analytics projects as their large-scale counterparts. And as more companies can perform data analytics, they will discover and share more and richer insights. As the adage goes, “a rising tide lifts all boats.”
Privacy-enhancing computation enables security data analytics.
We have been touting the importance of privacy-enhancing computation (PEC) techniques for some time, but seeing Gartner recognize PEC as a critical part of any DSP reaffirms our view about its strategic importance. When data sat dormant within an organization’s “four walls,” protection methods were relatively limited. But analyzing data and sharing those findings meant data had to be transformed—and usable—to ensure that situation-specific security methods were employed throughout the analytics pipeline. PECs enable that flow of information while assuring organizations their data will be protected at all times, including when it is processed, something that has never happened until now.
According to Gartner, “Enabling the secure and lawful monetization of information within the business ecosystem has become both a competitive differentiator for leading organizations and a data and analytics strategy priority.” Working with partners who provide the broadest, most comprehensive services to enable secure analytics is the way forward. The result will be a drastic reduction in data risk and increased efficiency when managing partnerships.
Baffle can help you overcome your specific data security challenges, help maintain CCPA, GDPR compliance and more. Request a demo with one of our security specialists to see how.
Gartner, 2022 Strategic Roadmap for Data Security Platform Convergence, Joerg Fritsch, Brian Lowans, David Mahdi, 28 September 2021
Gartner is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.