Data Security in a Multi-Cloud World...

Jul 22, 2021 8:24:36 AM

 

DatSecSecuring and protecting enterprise data is at the center of the modern security plan. There are many considerations for organizations that aim to move critical workloads and data stores to the cloud, and understanding how business-critical data will be accessed, stored, and secured is a paramount concern.


Organizations are also facing significant increases in regulations around data classification and data privacy. GDPR and CCPA regulators are starting to issue violations, and as the various courts issue verdicts, the scope of how data privacy is regulated (and the impacts that will have on organizations big and small) will add complexity to a crowded regulatory framework.

In an exclusive research study conducted for IBM, Enterprise Management Associates recently polled over 200 technical leaders and practitioners from organizations of 500 employees or more. They represented industries from 10 different verticals, providing an excellent cross-section of organizations, all impacted by data privacy and security in different ways.

Some key takeaways from the study include:

  • Data Security: Nearly all of those surveyed (95.1%) indicated that data security is a critical or very important factor in their organizations, and 74% have integrated data security and privacy as part of their organization's overall security strategy.
  • Data Privacy: 82% of those surveyed are currently evaluating data privacy solutions, and almost three-quarters (74%) believe that their strategy regarding data privacy is a major differentiator in the marketplace.

  • Zero Trust: In this survey, 73% of organizations were investigating or planning to launch a zero trust project, and of that group, nearly all (94%) stated that data privacy is a primary driver for starting their zero trust project. Also, 96% are looking for a zero trust vendor with a complete, comprehensive solution, and 94% believe it is important to work with an experienced, established zero trust leader.

  • Security Tools: Of organizations surveyed, 64% report that two or more of their tools are at least somewhat redundant, and 75% currently use three or more tools to secure their hybrid multi-cloud environments.

  • Security Silos: While 56% of respondents said that they are working to break down barriers between their security teams and other divisions within the organizations, 36% indicated that security teams sometimes, rarely, or never work with other technical teams for problem resolution.
As organizations are turning to security vendors to understand data privacy regulations and for guidance on their zero trust projects and solutions, it is critical for vendors to understand the challenges facing the enterprise and how they can best provide solutions and tools to address those challenges. The enterprise is also looking to experienced vendors with a proven track record with zero trust implementations that are able to address and assist with all aspects of a zero trust project, instead of one-off specific features.

IBM is a leader in zero trust, and their data security solutions are unmatched in the industry. With Guardium Insights, the organization can adapt and scale as their hybrid cloud environments evolve, centralizing data security and privacy management, reducing compliance efforts, and understanding user access and permissions across multiple data and infrastructure sources to support a zero trust approach.

For more information about this survey and Guardium Insights, visit https://www.ibm.com/products/guardium-insights to learn about the IBM approach to data security and privacy, as well as their best-in-class zero trust solution.
Chris Steffen

Written by Chris Steffen

Christopher Steffen, CISSP, CISA, is the managing research director of information security/risk and compliance management for Enterprise Management Associates, a leading industry analyst and consulting firm that provides deep insight across the full spectrum of IT and data management technologies. Before EMA, he served as the CIO for a financial services firm, focusing on FedRAMP compliance and security. He has also served in executive and leadership roles in numerous industry verticals. Steffen has presented at numerous industry conferences and has been interviewed by multiple online and print media sources. Steffen holds over a dozen technical certifications, including CISSP and CISA.

    Lists by Topic

    see all

    Posts by Topic

    see all

    Recent Posts