This article appeared on February 2, 2021, in IT Toolbox. Written by Gerry Gebel the Vice president of business development at Axiomatics.
The security and regulatory risks surrounding data lakes and big data require a modern approach to enterprise access control. Gerry Gebel, Vice President of Business Development at Axiomatics, discusses how a multi-dimensional security model that enables fine-grained access control can help IT teams analyze data securely, whether on-premise or in the cloud.
When “Big Data” was the most popular buzzword in information management, businesses quickly adopted data lakes and large data stores. As the potential of big data grew, organizations invested heavily in new data systems to analyze their information and promptly uncover actionable business intelligence that can improve ROI.
The promise of uncovering fundamental business insights must be approached with other perspectives in mind, namely the potential for personal privacy legislation, intellectual property protection, and general data protection. Enterprises have realized they must first protect sensitive information assets if they want to share, merge and analyze diverse data sources.
Additionally, data privacy laws like the General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA) shifted priorities. These complex regulations imposed strict privacy standards on businesses relating to the control, location, access, and digital assets usage. Compliance and security is now a top priority, requiring an updated approach to protect large data stores.
Connecting applications to specific data systems and managing security for each system left enterprises vulnerable to security threats and fines if systems are misconfigured or if there is a gap in security coverage. Instead of a legacy approach, businesses required a multidimensional data security model that met the demands of the digital age.
Why Multidimensional Security Is a Must
The complexities of big data and data privacy laws extend industrywide. For example, pharmaceutical companies analyze massive amounts of research data from multiple sources to promptly analyze clinical trial information. Not only are there rules and regulations around sharing sensitive data, but pharmaceutical researchers require access restrictions for double-blinding studies to ensure the experimenters can’t see who receives treatment.
In another example, global banks must manage complex data privacy laws around data sharing to operate in specific geographic markets. As financial institutions produce and update easy-to-use applications to simplify banking for customers, they must also shield personal information as they share data during application production. Therefore, banks need a centralized, single layer of access control instead of different security models attached to individual applications.
Legacy security models can actually limit access to data for authorized users because techniques like role-based access are too blunt of an instrument for dynamic and diverse access scenarios. And with the exponential growth of remote work, users require far more flexibility in accessing information from locations other than the office network.
Today’s digital-savvy enterprise requires a multi-dimensional security model that delivers fine-grained access control. One technology to consider is Attribute Based Access Control (ABAC).
A Modern Approach to Enterprise Access Control
The security and regulatory risks of data lakes and big data continue to grow as more data is at stake. With ABAC, organizations add a dynamic layer of security between applications and data lakes.
ABAC technologies provide a single place to manage access control across numerous data stores, located in the cloud and on-premise. ABAC leverages a policy-based approach to control access to data. ABAC dynamically applies precise data access policies, ensuring only authorized users can access sensitive data, regardless of device or location.
Furthermore, legacy security models use coarse-grained access control policies while ABAC policies are fine-grained and feature real-time, dynamic data masking and filtering for datasets, tables, columns, rows and cells. This facilitates secure sharing of large data stores, empowering large companies to securely share sensitive data with business units, data analysts, data scientists, trusted business partners and regulatory agencies.
With a multidimensional access control model, global enterprises can quickly and securely use, share and analyze data to identify meaningful insights, trends and inform effective business decision making.