Data Security Posture Management (DSPM) is a rising star in the cybersecurity world, and for good reason. With so many diverse environments, complex pipelines, and random repositories, important data often ends up in the wrong places, or worse – lost in the cloud without anybody knowing it.
This “shadow data” can undermine an organization’s security posture entirely, leaving countless “ticking time bombs” for attackers to find and detonate. In their report, Innovation Insight: Data Security Posture Management, Gartner reviews the timeliness of DSPM and what it can do for hard-to-reach data that other tools leave behind.
Three major takeaways:
1. DSPM uses data lineage to track data at all times.
“DSPM solutions can use data lineage to discover, identify and map data, across structured and unstructured data repositories, that relies on integrations with, for example, specific infrastructure, databases and CSPs,” the report states.
Data lineage is almost as big of a buzzword today as DSPM. In fact, the two are practically inseparable. Data lineage is the process of tracking pieces of information from their inception to their final destination, noting and monitoring any (and all) changes along the way. It’s like attaching a GPS tracker to your data so it never gets lost. How’s that for thwarting shadow data?
Gartner points out that DSPMs can leverage this powerful capability in specific ways, with data lineage software that integrates with an organization’s particular infrastructure or its CSP of choice.
2. Today’s digital complexity means more lost data.
“The proliferation of data across cloud service platforms (CSPs) and geographic boundaries is creating a need for technologies to discover and locate unknown or unused data repositories,” notes Gartner.
Let’s talk about the spread of data and where that can lead. According to IBM, a solid 35% of all breaches this year involved information stored “in unmanaged sources” (aka shadow data). Additionally, those types of breaches took over 26% longer to contain and ended up costing more than breaches of other varieties.
Let’s face it. Much gets lost in the inner gears of a cloud service platform, in which customers can access servers, databases, applications, and storage all through the internet and all via the same provider. It’s important to keep in mind that cloud service providers operate on a shared responsibility model when it comes to security. That means you need to read the fine print. They’ll offer such-and-such protections out of the box, but there is still much that isn’t covered. The expectation is that the client will account for those additional cloud security gaps, and DSPM is one of the main ways in which they can do that.
Note, however, that while DSPM secures data in the cloud, it is not to be confused with its close counterpart, Cloud Security Posture Management (CSPM). While DSPM follows and protects data across environments (cloud and otherwise), CSPM focuses solely on securing cloud infrastructure and protecting it against compliance and security risks. This just drives home the point that even with CSPM on the market, the need for more granular data protection in the cloud is so great that DSPM is poised to experience substantial growth – already a $94 billion market, it is projected to double by 2031.
3. Organizations need to make sure DSPM providers can do the following…
“Assess DSPM solutions’ abilities to use data lineage to identify sensitive structured and unstructured data, to map this data’s geographic locations, and to identify potential access and exposure risks exposed by data pipelines,” Gartner admonishes.
This is quite a handful of capabilities, from discovering every sensitive data asset to tracking where it’s been around the world, to determining if something went wrong along the way. While the list of DSPM vendors mentioned in the Gartner report can all identify shadow data and trace its flow, it has been noted that “not all vendors offer comprehensive capabilities across every area.” Some vendors have integrated DSPM into broader data security portfolios, while others have only recently emerged from ‘stealth mode’ and are at different stages of venture capital investment.
This just proves Gartner’s point that “Security and risk management leaders have several important steps to take when reviewing the capabilities of, and deploying DSPM technologies.”
Conclusion
While the ‘democratization’ of data—or the ability of nearly anyone on any team in an enterprise to purchase, install, and use various SaaS services—has allowed for widespread optimization and efficiency, it has also created many hidden liabilities. Keeping track of data on-premises is hard enough. Losing track of data in the cloud—especially across multiple complex ecosystems and various geographies—is almost a given.
Gartner is bringing DSPM to the forefront as a bespoke solution that can handle the demands of herding digital cats. With its unique ability to scour sensitive assets in hidden repositories, classify them, track them, and monitor them to their ultimate end, Data Security Posture Management is doing what desperately needs to be done in the complex world of multi-environment cybersecurity – and what nothing else does.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
