Four Steps to Reinforce Your Cloud Data Security

In today’s world of organizations racing to cloud the dynamic nature of those environments and the sprawl of techt, there is an urgent trend that has surfaced…we need to have stronger and more automated security in cloud-based environments to keep that data safe.

There is enterprise data security on-premises and cloud security for infrastructure, but nothing that secures data for everything you build and run in the cloud. Developers and data scientists are freely and rapidly capturing, copying, and manipulating sensitive data in public cloud environments, which has resulted in security and data teams losing visibility and control over data in the cloud.

Where do we turn to find solutions to help? Thankfully live events are back, as they have been sorely missed, and AWS re:Inforce is right around the corner. This AWS event is a perfect melting pot for learning and networking, and is focused for professionals interested in cloud security, compliance, identity, or privacy. Amazing – an event where you can learn how to reinforce your cloud data security!

Whether or not you are headed to AWS re:Inforce…don’t you want to learn about four surefire ways to reinforce your cloud data security? I mean, then at least you can tune in at the event to learn more about where it’s coming from.

Embed Data Security Into Your Cloud Architecture

With organizations in a race to the cloud to maintain their competitive advantage, challenges in cloud-native and multi-cloud environments are popping up just as fast. By building data security into your cloud architecture you can easily optimize for security. Data will stay safe in your cloud with only metadata sent out.

Discover and Secure Shadow Data

Increasing democratization of data in the cloud is creating one of the largest risk areas, and “Shadow Data” (abandoned, orphaned, and otherwise lost data stored in the cloud) is a primetime example. Discovering and securing this shadow data autonomously is going to give you the advantage you need to gain complete observability so that you can remediate and secure your data across clouds.

Enforce Your Sensitive Data Security Posture

Data Governance teams, tired of chasing people to find out what’s going on? With automated verification of data security posture and guided remediation you can overcome your data governance challenges for everything you build and run in the cloud.

Efficiently Ensure Compliance

Ensuring compliance efficiently can be done by leveraging automated discovery and control. Data Security Posture Management (DSPM) that enforces best data security practices and data policy, guides remediation, and reduces data attack surfaces is definitely the way to go.

In closing, the Laminar team is headed to AWS re:Inforce to learn, network, and meet with folks like you. If you are interested in learning more about how you can improve your cloud data security posture, then book your executive briefing today.

Meet us here

Laminar Exec Briefing Suite
Tue, July 26–Wed, July 27
Boston Convention and Exhibition Center
415 Summer St., Boston, MA 02210 (map)
Save your spot today!

If you liked what you saw here, then be sure to share with your co-workers and friends because we want to hear from you! Follow us on Twitter @laminarsec or find us on LinkedIn. Don’t forget to @mention us and #AWSSecurityInfo or #reinforce when spreading the word!

Data-centric Security – a CDO’s Perspective

Data is essential for organizations today, and it is the fuel that drives business. Those who are able to run relevant algorithms and analytics on relevant and readily available data,   have a competitive advantage. However, organizations face the challenge of simultaneously streamlining access to valuable data while securing and protecting it. We can meet this challenge by moving to a data-centric security model.

A Better Way to Manage Data

The way we manage and access data today is inefficient. It is messy and chaotic. Organizations have an array of siloed, legacy data systems that are accessed from a variety of platforms. The net result of this system-centric approach to data is a tangled spider web of connections overrun with overlaps and redundancy.

The system-centric approach is unnecessarily complex. It also puts the team or individual protecting the data in the position of gatekeeper. Data security can’t come at the expense of data utility. We want to access and use the data—to get as much value out of the data as possible—which means security needs to be the gate opener rather than the gatekeeper.

How can we improve data security and streamline data access simultaneously? Let’s double-click on that.

Chief Data Officers  (CDO) are accountable to create value with data End-to-End, from data management to data activation and outcome-oriented actions. Whether it is our data lake, customer data, product data, or any other kind of data, CDOs are responsible for that data wherever it sits and as it flows through the activity system of an organization and its broader ecosystem.

The goal is to facilitate access to data as effectively and efficiently as possible. A confusing mix of redundant crisscrossing and point-to-point integrations is certainly not efficient and, in a fast paced environment like the one of most businesses, is not effective either because of the lag between when data activation would have the highest value and when the ad hoc integrations make those data actually available for consumption. I would prefer to have all the data in a single content layer where we can easily manage access and reusable integrations through data access policies and APIs.

Rowing in the Same Direction

Someone has responsibility for managing and activating data in an organization, and someone must secure it. Larger companies and mature enterprises have chief information security officers (CISOs)and CDOs. Still, even in smaller or younger organizations, someone fills similar roles regardless of their titles.

Achieving this goal and changing how we manage and protect data requires cooperation and collaboration. Regardless of the exact roles or titles involved, everyone must be rowing in the same direction.

The Case for Data-centric Security

Fortunately, both CISOs and CDOs benefit from shifting to a decoupled data architecture and adopting a data-centric security model. It is easier for the CISO to maintain visibility and manage security when we remove silos, incentivize reusability and reduce complexity. At the same time, simplifying the flow of data helps the CDO minimize the cost and delays of data transfers, data migrations, and data replication that hinder their team from activating data when it’s most valuable.

Shifting the approach in this way allows the CISO and CDO to have a shared source of truth—a single platform to define their policies and manage both access and security at the same time. It reduces friction and simplifies the process for everyone involved because as long as policy conditions are met, data access can be granted automatically without sacrificing data security.

The data-centric model also accelerates development. When developers want to introduce a new feature in a system-centric model, they must spend time and effort creating redundant data pipelines. In a data-centric model where data access is managed and enforced through policies, developers can skip that part and focus on the feature itself rather than reinventing the wheel every time.

Achieving this goal is not a matter of simply flipping a switch. There is a lot of inertia behind the legacy model of siloed data systems and the system-centric approach to security. This is a transformation, and it only works if the whole organization gets on board with this operating model.

Ultimately, the data-centric model lets us move from gatekeeper to gate opener. We need to get to a place where everyone behaves with a data layer-first mindset. If we can achieve that state, we can focus on enabling access and extracting value from our data rather than worrying about sprawling data silos and struggling with continuous consolidation efforts to reduce risk and increase efficiency..

Product Update: Breaking Three Boundaries for Cloud Data Security

Breaking new boundaries

As Laminar’s VP of Product, I enjoy every time our team achieves new heights. I love innovations that truly add value for our customers. It’s exciting to break new boundaries and redefine what’s possible. Protecting your most sensitive data in a public cloud environment is hard. Engineers and data scientists build fast, collect and process data at huge volumes, are doing the right thing for the business, but don’t always have security and privacy top of mind.

Laminar has been defining a new reality for data security in the cloud across the industry. We have also been providing our clients with innovative, first in class services. As of today, we are widening our lead in the industry with several valuable new capabilities:

  • First to secure cloud data in a multi-cloud environment by adding support for Microsoft Azure.

    Multi-cloud adoption has soared due to the advantages of rapid development and minimal vendor lock-in. Gartner estimates that “more than 75% of organizations use multiple public cloud services today, and have plans to expand.” With this announcement Laminar is first in the public cloud data security market to support multi-cloud, by adding Microsoft Azure support to the existing support for Amazon AWS. This has several advantages for fast-moving enterprises:
    1. Consistent controls: With a single pane of glass across a multi-cloud environment, enterprises can apply a consistent set of data governance policies, no matter where and how that data is collected and stored. This capability empowers teams to move faster, make fewer mistakes, and ramp quicker by mastering less tools.
    2. Levelset Security: Rather than have different levels of security due to different levels of knowledge about the built-in offerings of the public clouds, Laminar provides a consistently high level of data security across all clouds.
    3. Cloud Data Catalog: Laminar creates a cloud data catalog across clouds, across tech stacks, and physical locations that contributes to true data democratization.
    4. Guided remediation: Remediation recommendations include the exact set of actions needed for that exact cloud environment, thereby increasing the efficiency of security and governance teams.
  • First to offer a full suite of data-centric security policies

    While most cloud security approaches define security policies at the infrastructure level, Laminar is now the first to offer a full suite of data-centric policies that are automatically enforced. These data-centric policies are geared towards preventing the breach or leakage of sensitive data, regardless of the cloud infrastructure that stores it. Focusing on securing the data as opposed to the infrastructure is at the root of Laminar’s Cloud Data Security Platform and enables many advantages for security teams:
    1. Increased focus and efficiency: Data-centric policies allow security teams to focus on what matters. For example, an infrastructure-centric policy would specify that all S3 buckets would not be publicly accessible. Such a policy then drives tedious, manual processes to figure out if a publicly accessible bucket was designed to be so, and what data it might store. The related but enhanced data-centric policy, that is based on a deep and precise data catalog, would only trigger when actual sensitive data is accidentally publicly exposed, regardless of where it’s stored.
    2. Process simplification: A single data-centric policy replaces multiple infrastructure-centric policies such as a policy per data asset type and per cloud environment. Thus, A data-centric approach greatly simplifies the policy setup process. In a world where security practitioners are a scarce resource, simpler, more focused processes translate into enhanced security.
    3. Reduction of risk: While securing the infrastructure and the application environment are important to prevent and stop attacks, data-centric security policies enable organizations to make sure data is not mismanaged so that at the event of a breach, blast radius is greatly reduced.
  • First to discover and classify data in self-hosted, embedded databases

    “Shadow Data” encompasses data that is not tracked by IT yet might contain sensitive information. A major category of Shadow Data is databases that are embedded into cloud compute instances (AWS EC2s or Azure VMs). As developers rapidly iterate, they easily spin up embedded, hidden data assets that are most often unprotected – and targeted by threat actors. With this announcement, Laminar is the first to support the discovery of these data assets wherever they are located, and the asynchronous, autonomous mapping and classification of the data that is stored in those assets. This has several advantages for dynamic development environments:
    1. Uncovering Shadow Data: Laminar uncovers new as well as abandoned embedded databases spun up by developers, and untracked by security teams.
    2. Autonomous: The platform autonomously and continuously discovers all data assets as they are created by developers or data scientists. Laminar is unique in being able to access data assets even without requiring users to provide credentials such as passwords. The security team is always up to date without any manual steps.
    3. Pinpointing abandoned “Lift and shift” data assets: As legacy systems are “lifted and shifted” to the cloud and then upgraded to cloud-native resources, the result is typically abandoned yet highly sensitive embedded databases that are both untracked and at high risk. Laminar ensures that these data assets are discovered and protected by default.

These are not the last firsts

In closing, I anticipate many, many more firsts with Laminar. I further anticipate that we will continue to define the public cloud data security market, and continue to provide our clients with the best cloud data security platform and services in the market.

Three Key Cloud Security Trends to Shape Your RSAC 2022 Experience

Headed to RSA Conference 2022?

RSAC is almost here again and it’s where anyone who is anyone will be there networking, learning, and exploring the latest trends and technologies in security. This is your golden ticket to capitalizing on the opportunity to gain a better understanding of the new and innovative cyber technologies and solutions that are out there from some of the best and brightest in the industry.

This year we thought we would identify three top trends that your organization should look out for at RSAC. Which is kind of perfect for this year’s theme of “Transform” because we are at a time in history where a major transformation is occurring due to the pandemic, including an accelerated trend of organizations shifting to the cloud, almost by double. The question is no longer if but instead when for organizations that have not yet begun their cloud journey.

Continue reading to hear what top three trends you should pay attention to when at RSAC!

Digital transformation – the business of going to the cloud

The era of digital transformation is upon us and now is the time where organizations must be innovative and fluid to stay ahead of the competition. In an effort to remain competitive in this rapidly changing environment, organizations need to stay on top of the latest trends in digital transformation by adapting and embracing new technologies, strategies and change. “More than half of Enterprise IT spending in key market segments will shift to the Cloud by 2025”, according to Gartner.

Data democratization and the need for cloud data security

Data democratization is a game changer. It’s allowing organizations to enable and empower the average end user in their workforce to gather and analyze data without requiring outside help. Which means that there are no gatekeepers to create bottlenecks at the gateway of the data. The result of data democratization is making better data-informed decisions and better customer experiences powered by data. Sounds great right? Well, due to a rapid and dynamic release cycle, there is going to be less time to consider, audit, or remediate gaps in data security. The downside risk means that data is seldom deleted or removed, leaving shadow data in its wake which means securing that data is next to impossible. Be sure to tune in and listen for conversations and sessions around this topic.

The future of cloud data security – Cloud Native Tools and Platforms

The mass shift to the cloud has given way to cloud-native applications becoming more prevalent since they are quite literally designed specifically to work on the cloud. These cloud-native applications seek to take advantage of the speed and efficiency of the cloud platform. This brings way to those legacy security tools designed to protect the on-premise applications rearing its ugly head. These legacy tools aren’t going to be enough to protect cloud-based resources, leaving these applications exposed to threats and open to attackers

Cloud security budgets are increasing, with 59% of the surveyed organizations expecting to increase cloud security spending next year. On average, 27% of security budgets are devoted exclusively to cloud security. Time to find out the best ways to protect

Data security at the speed of cloud — accelerate your future.

Interested in continuing the conversation to discuss cloud data security and how you can discover, prioritize, secure and monitor your cloud data? You’re in luck, we are hosting executive briefings during RSA Conference and would love to meet you there. Space is limited, so book your spot today.

Meet us here

Laminar Exec Briefing Suite

Mon June 6, 9:00 am – Tue, Jun 9, 1:00 PM

649 Mission St #500, San Francisco, CA, 94105 (map)

Save Your Spot Today!

If you liked what you saw here, then be sure to share with your co-workers and friends because we want to hear from you! Follow us on Twitter @laminarsec or find us on LinkedIn. Don’t forget to @mention us and #RSCA or #RSAC22 when spreading the word!