Data security
Trend 5: Enhanced security at all touchpoints with integrated data protection and classification tools
Data loss prevention (DLP) tools protect on-premises data at endpoints, during transit, and at rest. DLP can be integrated with a CASB to ensure the same DLP policies are applied to cloud-hosted data. User entity behavior analysis capabilities in a CASB can be used to provide role-based access control to applications or cloud-hosted data and detect suspicious user access activity. Anomalies and incidents are logged and available for audit and better decision-making.
Further, DLP detection capabilities can be augmented with data classification solutions. These solutions can add metadata fields to sensitive documents and emails, which can help DLP tools identify sensitive information faster with fewer false positives and fewer rules. The classification tools can also call various encryption applications, such as information rights management (IRM) for protecting files and emails containing sensitive information, especially when sent outside the organization.
All these data protection technologies must further integrate with security information and event management (SIEM) tools for correlation and incident detection. The central security operations team can act as needed.
A Switzerland-based agro trading company wanted to implement an integrated data protection strategy to protect its intellectual property and sensitive information. After a holistic assessment, multiple data protection tools were implemented, including Symantec DLP, O365 DLP with AIP data classification, IRM, and an MCAS solution. These were integrated with the Azure Sentinel SIEM for centralized event correlation and SNOW, an online ticketing system. A Microsoft Power BI-based solution was also implemented for analytics and reporting.
Data security
Trend 6: Certificate life cycle management and automation gain consideration
With increasing cloud adoption and remote connections, the number of certificates in the environment has gone up drastically. In the transition phase, a valid certificate for secure communication became essential. Generally, enterprise-level certificates will have two years of expiry. In recent times, where most companies have completed two years of cloud adoption, we have seen many application downtime issues because of expired certificates. There are multiple reasons for this, including:
- Manual tracking and management of SSL keys and certificates.
- The time-consuming, application-dependent, four-step process for certificate request generation.
- Unplanned certificate-related outages causing business disruption.
- Downtime due to certificate renewal and replacement.
Following strategies, including certificate life cycle management and possibly automation of certificate rotation solutions, are gaining attention:
- Cost management by finalizing architecture and future-proof planning for the use case that can be fulfilled with an internal or external certificate.
- Inventory standardization for certificate discovery and application mapping.
- Reduction in human errors by automating the certificate request generation and installation processes.
- Prevention and remediation of unplanned outages of applications due to certificate expiry.
- Improvement in governance and reporting for crypto compliance and standards.
- Automation of certificate generation and renewal.
A global financial services firm implemented a certificate life cycle management solution for its North American unit. This was done using Venafi's solution to improve client experience. With the help of Infosys, the company integrated the solution into its environment to leverage out-of-the-box drivers and implement certificate renewal automation.
