Axiomatics Presents Data Security Trends Emerging in 2020
More Data, Modern Technologies and New Regulations Mean Data Security is a Top Priority for IT Professionals in the Future.
CHICAGO, FEBRUARY 18, 2020
Axiomatics’ data security specialists assembled this year’s trends highlighting new techniques large enterprises are using to secure an ever-increasing amount of data. In fact, according to this report, enterprises could produce as much as 90 quintillion bytes of data each day by 2025.
“As data sources evolve and produce more data, the processes and technologies companies utilize to protect business-critical information must stay apace,” said Gerry Gebel, Axiomatics’ vice president of business development. “Modern technologies must protect information at the micro level to enable precise data access anywhere, anytime, from any device over the internet.”
Emerging 2020 trends include:
The Rise of Zero Trust Network Access (ZTNA)
As the amount of data businesses ingest explodes and employees want to access that information remotely, we will see an evolution in network access security. Traditional technologies like a virtual private network (VPN) protect the perimeter of a network by confirming the IP address and location of the user and granting them access to all data on the system. However, with information stored both on-premise and across the cloud, a single point of protection is now impossible. With cloud data located outside an enterprise-owned network boundary, organizations will move away from wide network access perimeters. Companies are shifting toward more narrow defenses that protect individual, or small groups of data resources, like zero-trust network access (ZTNA) where it is assumed that attackers may reside both within and outside the network and where users are given access to data only on a need-to-know basis.
Data Storage Systems Continue to Evolve
Businesses started migrating their data and other application resources to the cloud because cloud platforms provide simple, agile and inexpensive data storage systems compared to other database solutions. Many companies have now adopted a multi-cloud architecture where each platform’s specific security capabilities aren’t necessarily sufficient to address all security requirements. Attribute Based Access Control (ABAC) implementations support a policy-based approach to protect digital assets by providing a consistent, repeatable access model, both across and within cloud platforms.
The Combination of Development, Security and Operations Teams
DevSecOps techniques help organizations automate security processes, determine their internal best practices, securely bring new application services to production faster and continuously deliver new features. Still, many legacy identity and security technologies are not compatible with the DevSecOps model. Instead, more adaptable security solutions are coming to market to support current business initiative.
Optimizing API and Microservices Security
Leveraging APIs, microservices and service meshes to access sensitive and regulated data continues to gain popularity. However, in situations that require fine-grained access, we will see enterprises adopt a more comprehensive approach to access control by combining OAuth, an open standard for access delegation, and ABAC. When united, the two technologies complement each other to enable the proper management and governance of access scopes and cleaner APIs that are not overwhelmed with security logic.
Increasing Data Privacy Laws
The GDPR went into effect almost two years ago and we now have a much better idea of how the EU is enforcing the law. Government agencies across different states and countries are developing laws with GDPR’s data privacy standards in mind. As these regulations appear and mature, organizations must consider the impact infringements have on brand reputation. Businesses should implement security controls that protect data through a context-sensitive and risk-based access control model.
Prioritizing Data Security
It seems like a new data source emerges daily, offering organizations greater opportunity to take advantage of their data. The Internet of Things (IoT) devices, social networks, e-commerce, transactions and web applications drive huge quantities of information into data lakes for businesses to analyze and leverage for analytics. With so much data at stake, companies must control who can and cannot access that data with a fine-grained access control model.
“As companies continue to generate information and data privacy laws develop across borders, it becomes increasingly important to share that data securely across an enterprise to analyze and generate business insights,” said Gebel. “Businesses need flexible technologies like dynamic authorization delivered with ABAC to enable companies to better disperse and share meaningful business intelligence across departments.