Skip to content

How To Protect Cloud Data Anywhere Using A Data Security Mesh


It was, literally and figuratively, the perfect storm. A blizzard forced everyone from a Wall Street wealth management firm to work from home. At the same time, clients were denied access to their information and called their contacts at the firm understandably concerned. The operations team determined that with the data analysts working from home, the internet pipe was heavily loaded and dropping packets.

Although this issue was quickly fixed, it raised a red flag at the next partner meeting. For some time, the CIO had been advocating a move of the data store to the cloud, but the potential downtime associated with such a decision pushed it into the “some other time” category. Now, a cloud migration seemed to be the only viable solution to prevent a repeat of the aforementioned incident — or worse.

Situations like this were a precursor to organizations strongly considering the cloud, and the pandemic accelerated a hyperconnected world where remote work is prominent and cloud migrations frequent. With these changes, IT departments realize that the old perimeter approach to security is antiquated, and they need a security ideology that embraces the idea of location independence. This strategy is called a data security mesh.

Defining The Data Security Mesh 

Gartner designated a cybersecurity mesh approach as one of its Top Strategic Technology Trends for 2021 and said that it “allows for the security perimeter to be defined around the identity of a person or thing. It enables a more modular, responsive security approach by centralizing policy orchestration and distributing policy enforcement.” As part of this strategy, a data security mesh is more nuanced. It exists below the network layer, focusing specifically on how data records are collected, stored, used and shared securely by each user via their individual devices.

Security policy enforcement must be applied at the data record level to achieve flexibility. Each data asset could require different security tiers, which allows organizations to scale the protection for each access point and where they interact. When implemented correctly, a data security mesh can protect data from any source to any destination while ensuring that existing workflows remain intact.

(Link to the article)

Join our newsletter

Schedule a Demo with the Baffle team

Meet with Baffle team to ask questions and find out how Baffle can protect your sensitive data.


No application code modification required


Deploy in hours not weeks


One solution for masking, tokenization, and encryption


AES cryptographic protection


No impact to user experience