Since the advent of cloud, experts have been working on figuring out ways to secure data in the cloud estate. Several practices and technologies have been put forward, but security in the multi-cloud era remains a costly venture, one that is both complicated and cumbersome.
“You can have multiple touch points in the cloud. It’s not only your application that’s utilizing your data. There could be external entities accessing it too. Or, you could have multiple internal services, instances or users that are utilizing the data. The identity control plane is vast,” says Vinayak Shastri, Product Line Manager at Palo Alto Networks, at the recent Security Field Day event.
Sensitive Data Assets Are Scattered Across the Cloud Environment
Cloud data stores are frequently the target of cyberattacks. “Each application or a microservices app has at least ten different data stores, and within a product, we’re talking hundreds and thousands of applications,” Shastri explains.
The math is simple. When each application touches several data stores, and given the prolific number of applications organizations own today, the sum total is massive. The cloud stores lack dedicated security solution making them vulnerable to data exfiltration threats and tactics.
The question that is becoming increasingly pivotal is how can one sidestep the intricacies of cloud and keep data safe while still ensuring that it is easy to access.
With cloud storage tightly integrated in all aspects of business, organizations are syncing more data than ever before. Stats show that about 40% of cloud resources are data assets, and every enterprise keeps approximately 20+ types of data assets.
With Prisma Cloud, Palo Alto Networks offers cloud-native security for applications. “We’re able to correlate risks across the application lifecycle so that you’re able to take what you know today, correlate it back to secure everything from code to cloud,” says Mohit Bhasin, Sr. Product Marketing Manager of Prisma Cloud.
As far as keeping data secure, Prisma Cloud does a dandy job of containing risks and keeping secrets secret. But more is required to prevent the ultra-sophisticated data-related crimes of now.
Bhasin reminds, “It’s not enough to know where the risk is in production because, at the heart of most breaches, attackers are looking for data and trying to exfiltrate it.”
Data-Centric Security with Palo Alto Networks
To complement the existing feature-set, Palo Alto Networks recently integrated two critical capabilities, DSPM (Data Security Posture Management) and DDR (Data Detection and Response). Its acquisition of a company called Dig Security that specializes in Data Security Posture Management (DSPM) marked the first steps to it.
“Everything maps back to data,” says Shastri. “Data is your crown jewel and application is your level-1 information.”
In the cloud environment, the most failsafe way to prevent or minimize data loss is by enhancing visibility and putting controls in place that ensure effective posture management.
Palo Alto Networks’ is a no-agent, no-proxy solution that discovers data stores across the cloud and identifies various data types. Its core function is to provide visibility of all data assets including shadow data that exists outside the purview of IT teams.
“We don’t need an administrator to provide us a temporary password to databases. We can automatically read the data in the database as we get more information.”
Palo Alto Networks’ DSPM goes beyond the policy level and reviews access controls and configurations showing where in the cloud vulnerable data exists and how it is being utilized. “Say you come up with a set of risks, how do you prioritize severity and what is of value and what data should you be saving.”
This is backed by the second piece, Data Detection and Response. DDR enhances DSPM’s capabilities with real-time monitoring and alerting. SecOps can avail a single threat model across various environments to discover insider threats and respond swiftly through prioritization of issues based on severity.
To learn more about Palo Alto Networks’ DSPM and DDR capabilities, check out their presentations from the recent Security Field Day event. Also be sure to give Krista Macomber’s review a read on The Futurum Group website.
