What My Kids Taught Me About Data Security
At Cyberhaven we have built a uniquely data-centric approach to security. Conceptually, data-centric security is a pretty simple idea — an organization’s visibility, assessment of risk, and policy enforcement should be able to follow the data.
This approach acknowledges that for most organizations today, the perimeter is everywhere. Assets and applications are in the cloud, users are remote and collaborating, and the data that drives it all is always on the move. This opens countless ways for data to be exposed, lost, or misused. However, if our security context can follow the data itself, then we can also protect that data no matter where it goes. This means security teams can embrace the new ways that employees need to work without losing control.
However, for many of us (myself included), the perimeter/enclave concepts of security are so ingrained that it’s easy to forget that we need to follow the data. I was reminded of this recently while watching my kids play with their toys. Sounds strange, but I’ll explain.
The Toys Don’t Stay in the Box
Like most parents, I find my kids’ rooms are constantly cycling between order and chaos. At the end of the day, all the toys need to be put away in the toy box. But the next day, the kids naturally go grab their favorite toy to play with, then another, and another, and pretty soon there are toys all over the place. This is normal; after all, this is what toys are for.
However, there is a lesson here for data security. Most organizations today try to secure their data at the level of the toy box. Security controls are often tied to the applications or locations (e.g. databases, file shares, etc.) where the data is centrally stored. But in the same way that kids will grab toys to play with them, end-users often need to go get data to do their work. This is normal and expected behavior. Yet, for many organizations, the visibility and control over that data stops as soon as the data leaves the protected enclave. Security teams typically can’t see where that data is shared, how it is modified, or if copies are made. The chaos and risk are the highest when the toys are out of the box, yet this is precisely where traditional security is the weakest.
To make matters worse, most enterprises have dozens of figurative toy boxes to manage. This could include Dropbox, SharePoint, Google Drive, code repositories, or any number of local or SaaS-based applications.
Cyberhaven Lets You Follow the Data
Cyberhaven’s data-centric approach provides a way out of the toy box problem. Data is continuously tracked no matter where it goes in the enterprise or how it is transformed. Every copy or derivative of a file or piece of data is tracked across every user and application. This means that security teams can not only keep track of where their sensitive data should be, but where it really is.
Most importantly, Cyberhaven translates this visibility to real-time enforcement so that data stays protected. Policies can prevent data from accidentally or intentionally being shared to unapproved locations or in risky ways. For example, if a user downloaded a file from the corporate Dropbox account, Cyberhaven can prevent the user from accidentally uploading the file to a personal Dropbox after making edits. The solution also keeps track of sensitive content over any number of steps and transformations, such as when a user renames a file, converts it into a different file format, or copies and pastes the sensitive content into another file or application. The security context and policy follow the data no matter what.
This approach has the power to resolve some of the thorniest problems facing security teams today. Instead of trying to replace a single large perimeter with countless small perimeters, Cyberhaven seamlessly extends across the modern enterprise. Instead of trying to cobble together multiple security tools, each with its own blind spots, teams can see and control their risk in a unified view. Instead of losing control when users download data, policy remains vigilant no matter where data lives or how it is transformed.
This is just one example of the power of a data-centric approach to security. However, hopefully it helps to provide a reminder that when we put the focus on what we want to protect, security can get a lot simpler and a lot more effective. To learn more, contact the Cyberhaven team.