Data Security Platform: Protect Across Multiple Data Types, Silos, and Ecosystems

Gartner recently recognized Privacera as a representative vendor in a new solution category: Data Security Platform (DSP). So, just what are data security platforms? Gartner has defined the DSP as a unified solution that aggregates data protection requirements across data types, data storage silos, and data ecosystems, beginning with data discovery and data classification. This is especially critical, since for many organizations, data is likely to be processed and stored in public cloud services including infrastructure-based, platform-based and software-as-a-service (SaaS). This has created a level of complexity that requires organizations to manage their data security far more effectively. 

Protection of the data itself is obviously a key function of a DSP. This is accomplished using a combination of fine-grained data access controls, data masking, and data encryption. A DSP provides observability into the data environment and also includes data access monitoring (DAM) as well as data audit and reporting capabilities that can be used for compliance purposes and data risk assessments.

Why DSP? Why Now?

DSPs aggregate individually-mature technologies, but the process of integrating these technologies is immature and still emerging. Traditionally, data security has been delivered by disparate products, which has resulted in operational inefficiencies and an inability to support, for example, data risk assessments, open data, commercial data, and internal innovations and collaborations involving data. DSPs provide consolidated security and protection capabilities for data by aggregating formerly siloed capabilities under a common policy instrument, significantly streamlining data security. Especially in cloud-based data stores, a DSP reduces integration costs, manual work, and friction by connecting previously disparate data security controls and capabilities.

Furthermore, the data security market is evolving rapidly in response to several dynamics:

• Sensitive data is a constant target: Costly, high-profile data breaches, disruptive attacker techniques like ransomware, and the resulting havoc to consumers and businesses have increased the attention paid to sensitive data like personally identifiable information (PII) (see graph, below).
• Cloud is king: The transition of data lakes and digital resources to the cloud continues unabated. According to a Statista report, as of 2022, over 60 percent of all corporate data is stored in the cloud, a share that’s grown from 30 percent in 2015 as companies increasingly shift their resources into cloud environments with the goal of improving security, reliability, and business agility.
• Budget control is a key focus of IT organizations, especially in the current economy: There’s a strong trend towards consolidation of data security architecture and tools in response to the demand for greater operational efficiencies. Each of these factors has driven the need for a definitive product category that addresses these issues: the DSP.

Security and Scale at Velocity Requires Automation

Automation is key to achieving control over data security as organizations scale their data environments. For example, in November 2022, Cybersecurity Drive reported that Walmart Global Tech annually processes 6 trillion data points through its security operations centers, which is just part of the telemetry logs it consumes. Performing this function manually is impossible. Automation and machine learning are essential to managing and monitoring data, controlling costs, and achieving greater operational efficiency. Household name-brand Fortune 100 companies in financial services or retail sectors represent a very different attack surface compared to the average company, making them a bigger target.

A DSP addresses this challenge by significantly increasing the visibility of, and control over, data and its usage beyond the core privacy-related compliance goals to include behavioral monitoring. This places organizations in a much stronger position to secure their data. Increased visibility and control enables more secure data flows between individuals, businesses, and governments. 

Data Security Platform Challenges

Adopting a DSP is becoming a necessity and has undeniable benefits. But it would be simplistic and misleading to assume the transition will happen with the push of a button. DSP adoption will likely include a lengthy transition process involving many aspects of an organization. Data security projects that run off the rails can easily cause months of IT problems and potentially increase business risk. Therefore, it’s critical for organizations adopting a DSP to align themselves with a data security and governance solution provider who has a consistent track record of successfully introducing new capabilities, strategic partnerships with leading cloud data service providers, and years of experience working with large global enterprises.

Another emerging capability, data security as a service (DSaaS), may eventually mature faster than DSPs. A SaaS option proves more attractive to organizations who need to lower their capital expenditure but are willing to accept an increase in operational costs.

Privacera Recognized by Gartner as “Broad-Spectrum” Data Security Platform Vendor

By Gartner’s definition, the DSP market includes a limited number of DSP vendors with a broad range of capabilities (“broad-spectrum DSPs”), and others that concentrate on one particular capability (“specialized DSPs”). Gartner notes that as more enterprises adopt advanced analytics and cloud-based data lakes, they will prefer broad-spectrum DSPs.

A broad-spectrum DSP generally combines data discovery and policy definition capabilities across silos with unified late-binding access controls exceeding the scope and granularity of those enforced by data stores. Popular late-binding access controls used by DSPs are cryptographic technologies such as format-preserving encryption (FPE), dynamic data masking (DDM), and proprietary connectors and agents.

Recognized as a sample vendor by Gartner in a recent report, Privacera is a broad-spectrum DSP that can be deployed as a SaaS-based service or as on-premises software. Privacera’s high-level capabilities include:

• Automated sensitive data discovery: Leverage sophisticated heuristics, pattern matching and dictionary or lookup tables to quickly identify, tag, and classify sensitive data.
• Dynamic, fine-grained access controls: Create consistent role, attribute and tag-based access control policies at the table, file, row and column levels across multiple cloud services.
• Data masking, encryption and governance: Enable a comprehensive data access and management platform for the automation of policy enforcement. 
• Distributed, cloud-native policy enforcement: Configure access control policies and encryption across diverse cloud data and analytics services for all users through a unified, single pane of glass.
• Instant visibility into data assets: Support regulatory and corporate compliance initiatives with audit and reporting capabilities. Data access is monitored for anomalous behavior, and alerts are automatically generated when sensitive data is accessed or moved.

Take the next step in your DSP journey. Learn more about DSP business impact, drivers, and expert recommendations with your free copy of the Gartner Hype Cycle for Data Security, 2023.