No one ever says, “We don’t need better security for the data we manage. There is, however, a balancing act that security professionals perform every day to get the most security out of their solutions at the lowest possible cost. As they move more workloads to cloud-native environments and more databases are introduced into an organization’s asset repository, the relationship between cost and performance changes. In this article, we’ll explain what drives changes in the cost/performance relationship and what features you need from a modern solution to maximize (and demonstrate your investment in) your database management security strategy.

While we still live in a world of on-site security, securing cloud data is a major concern. Foundry (formerly IDC) Cloud Computing Survey 2022 revealed that more than a third (35%) of IT decision makers reported data privacy and security issues, while another third (34%) mentioned that their organization lacked the skills and expertise needed to keep cloud data secure. A quarter (25%) cited securing and protecting cloud resources as an issue.

For most businesses, migrating to the cloud is uncharted territory; both in terms of managing data sources and understanding the threat landscape. Security professionals are finding growing infrastructure to manage, more difficult auditing and reporting, and potentially longer incident response and resolution times. They also recognize the importance of investing to meet these challenges. In reality, more than three quarters (78%) of IT and security professionals say the differences between cloud-native and on-premises cloud applications and infrastructure require a separate set of security policies and processes. These differences led to purchasing more security controls, which led to increased complexity. Seventy percent point out that too many tools are needed to protect public cloud environments.

What specific strategies should organizations implement to ensure sufficient database security on-premises and in the cloud to maximize both efficiency and investment?

A unified approach to data protection

Organizations need to consolidate multiple data security tools or upgrade from an outdated legacy solution to simplify the infrastructure. Today, organizations of all sizes and across industries can leverage the capabilities of a data-centric security framework.

Whether managing data repositories on-premises or in multi-cloud or hybrid environments, your data security solution should enable you to apply proactive controls and predictive analytics so that security analysts and Organizational governance personnel can leverage activity monitoring capabilities, security assessments, risk modeling, and attack detection to prevent harmful data breaches or compliance failures. The solution must be able to identify behaviors that violate data usage policy across the entire data repository. It should then apply advanced risk analysis to detect indicators of malicious internal activity or compromised user accounts that may evade data repository access controls and circumvent data encryption.

The benefits of this unified approach are easy to quantify. According to Ponemon cost of a data breach in 2021 study, the average cost of a breach is $4.24 million, so even additional percentages of risk reduction through comprehensive coverage of all data repositories provides a significant return on investment.

End-to-end visibility of sensitive data

Traditional data security tools have always struggled to manage sensitive data. A recent Enterprise Strategy Group (ESG) study of 304 IT professionals said 57% of respondents said they believed more than 20% to 50% of their sensitive data already stored in the public cloud was likely insufficiently secure. Sixty-one percent of respondents said they had lost data or suspected they had lost data.

Your data security solution should eliminate blind spots for security and governance teams by providing visibility into how sensitive data is stored, shared, and used, even in the cloud. It should also unify enterprise-wide security controls and protect structured and unstructured data, including privacy-related personal data. To keep the infrastructure simple, the solution should automate data security and compliance tasks that were previously done manually, such as reporting and incident management.

Again, quantifying the benefits is straightforward. The 2022 Privacy Incident Benchmark Report found that organizations that leverage automated incident management solutions reduced the time to comply with breach notification after a data breach by 169 hours (22% per incident), or the equivalent of seven days .

Seamless integration with all data repositories

A unified solution that can gain visibility into all data repositories and manage the sensitive data they contain is impossible if the solution does not integrate seamlessly into all environments. Your solution should have built-in integrations with widely used enterprise data repositories and security ecosystem solutions such as SIEM tools and CMDB tools. It should also work seamlessly with cloud infrastructure from AWS, Azure, Google, and others, as well as traditional on-premises infrastructure from network and storage providers.

Find the right modern data security solution for your organization

To learn more about Imperva’s approach to data protection, please contact your Imperva Account Representative.

Imperva Data Security Fabric (DSF) provides centralized data security in legacy and modern cloud environments by automating risk detection, protection, and response for all data across multi-cloud and hybrid environments. Imperva DSF makes it easier for customers to understand and mitigate data risks at every stage of their security journey across structured, semi-structured, and unstructured data.

The post office The Business Case for Modernizing On-Premises and Cloud Database Security appeared first on Blog.

*** This is a syndicated blog from the Security Bloggers Network of Blog written by Bruce Lynch. Read the original post at:

Source link


5 Reasons Your Family Business Needs a Good Lawyer - Corporate Law and Company Law


4 categories your business needs that contribute to a winning culture

Check Also