Data Security in a Multi-Cloud World...

Jul 22, 2021 8:24:36 AM


DatSecSecuring and protecting enterprise data is at the center of the modern security plan. There are many considerations for organizations that aim to move critical workloads and data stores to the cloud, and understanding how business-critical data will be accessed, stored, and secured is a paramount concern.

Organizations are also facing significant increases in regulations around data classification and data privacy. GDPR and CCPA regulators are starting to issue violations, and as the various courts issue verdicts, the scope of how data privacy is regulated (and the impacts that will have on organizations big and small) will add complexity to a crowded regulatory framework.

In an exclusive research study conducted for IBM, Enterprise Management Associates recently polled over 200 technical leaders and practitioners from organizations of 500 employees or more. They represented industries from 10 different verticals, providing an excellent cross-section of organizations, all impacted by data privacy and security in different ways.

Some key takeaways from the study include:

  • Data Security: Nearly all of those surveyed (95.1%) indicated that data security is a critical or very important factor in their organizations, and 74% have integrated data security and privacy as part of their organization's overall security strategy.
  • Data Privacy: 82% of those surveyed are currently evaluating data privacy solutions, and almost three-quarters (74%) believe that their strategy regarding data privacy is a major differentiator in the marketplace.

  • Zero Trust: In this survey, 73% of organizations were investigating or planning to launch a zero trust project, and of that group, nearly all (94%) stated that data privacy is a primary driver for starting their zero trust project. Also, 96% are looking for a zero trust vendor with a complete, comprehensive solution, and 94% believe it is important to work with an experienced, established zero trust leader.

  • Security Tools: Of organizations surveyed, 64% report that two or more of their tools are at least somewhat redundant, and 75% currently use three or more tools to secure their hybrid multi-cloud environments.

  • Security Silos: While 56% of respondents said that they are working to break down barriers between their security teams and other divisions within the organizations, 36% indicated that security teams sometimes, rarely, or never work with other technical teams for problem resolution.
As organizations are turning to security vendors to understand data privacy regulations and for guidance on their zero trust projects and solutions, it is critical for vendors to understand the challenges facing the enterprise and how they can best provide solutions and tools to address those challenges. The enterprise is also looking to experienced vendors with a proven track record with zero trust implementations that are able to address and assist with all aspects of a zero trust project, instead of one-off specific features.

IBM is a leader in zero trust, and their data security solutions are unmatched in the industry. With Guardium Insights, the organization can adapt and scale as their hybrid cloud environments evolve, centralizing data security and privacy management, reducing compliance efforts, and understanding user access and permissions across multiple data and infrastructure sources to support a zero trust approach.

For more information about this survey and Guardium Insights, visit to learn about the IBM approach to data security and privacy, as well as their best-in-class zero trust solution.
Chris Steffen

Written by Chris Steffen

Chris brings over 20 years of industry experience to Enterprise Management Associates, focusing on IT management/leadership, cloud security, and regulatory compliance.

Chris has had a variety of roles as a professional, from Camping Director for the Boy Scouts to Press Secretary for the Colorado Speaker of the House. His technical career started in the financial services vertical as the systems administrator for a credit reporting company. As the company continued to grow, Chris built the Network Operations, Information Security, and Technical Compliance practices before leaving as the Principal Technical Architect. He was the Director of IT for a manufacturing company and the Chief Evangelist for several technical companies, focusing on cloud security.

Prior to joining EMA, Chris served as the CIO of a financial services company and supervised the technology-related functions of the enterprise, including the development and implementation of the company’s technical vision and management of the technical staff. He also guided the company through a NIST 800-53 evaluation and successfully obtained an Authority to Operate (ATO).

Chris holds several technical certifications, including Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), and was awarded the Microsoft Most Valuable Professional Award five times for virtualization and cloud and data center management (CDM).

B.A., Political Science (Summa Cum Laude), Metropolitan State College of Denver

    Lists by Topic

    see all

    Posts by Topic

    see all

    Recent Posts