2021. What an interesting year. With the world turned upside down by a pandemic that seemingly had its sights set on...
The key to successful Enterprise Security is Data-centric Protection
Enterprise-wide data-centric protection has become the preferred strategic way to protect sensitive data in leading enterprises. Ensuring individual data elements are protected in all states across their lifecycle—at rest, in transit, and in use—data can be de-risked from theft and abuse, security and privacy compliance can be simplified, and business agility enhanced.
New technologies that underpin innovation, agility, and growth can also be embraced more rapidly by removing inevitable security and compliance concerns over live data processing.
Data-centric security works by using state-of-the-art protection methods directly applied to the data elements from capture or creation. Methods include traditional encryption, data tokenization, format-preserving encryption (FPE), and masking. A data-centric model operates on the principle of zero trust, converting sensitive data to a non-sensitive form at all times, and restricting sensitive live data exposure to a small set of readily monitored, managed and defended trusted processes or nodes.
The data-centric model inverts the traditional model of protecting the boundary around the data, which is increasingly indefensible: the protected data in effect becomes the persistent protection boundary itself, wherever it goes. When data is secured in this fashion, it can flow into low or zero-trust processing environments more freely without risk, including cloud platforms, third-party services, machine learning pipelines, file systems, transaction systems, data stores, and data lakes.
Contemporary data tokenization is often favoured as it can protect a wide variety of data without constraints or security limitations. It can preserve the meaning, value, and intent of the original sensitive data.
With a broad data-centric strategy, such sensitive data can be properly protected and de-identified to neutralize it against data breaches and streamline compliance with the regulations like PCI DSS, HIPAA, GDPR, PIPEDA, Privacy Act, or CCPA.
With data being the pervasive lifeblood of every organization, it is critical that any data-centric protection system and various integration points inside the enterprise work 100% of the time. An error or outage of the protection system or integration components in the enterprise could easily bring the business as a whole to a standstill.
For this reason, it is crucial to ensure that any data-centric protection system is evaluated for both security and critical enterprise capabilities required to deliver a truly agile yet mission-critical tokenization service to the whole organization.
Learn more about how to evaluate a comprehensive tokenization solution.
To gain an independent view on the market for data-centric security solutions, download the Leadership Compass – Database and Big Data Security by analyst firm KuppingerCole. In this report, comforte is named the ‘Overall Leader’ and the ‘Product Leader’.