Organizations are developing and deploying new applications in the cloud and moving existing data assets to the cloud. Gartner says 75% of all databases will be deployed or migrated to the cloud by 2022. This trend applies to operational databases for data warehouses & data lakes used for analytics, machine learning, and artificial intelligence (AI).
DevOps practices have accelerated the speed of innovation for most enterprises adopting the cloud. These innovations have also made it harder for Information Security teams to know which new applications have been rolled out, what 3rd party APIs they use, and where and how the data is stored and accessed in cloud environments like AWS, Azure, Snowflake, and Databricks. Under the Shared Responsibility Model, the cloud service provider (CSP) is responsible for the security of the underlying infrastructure. At the same time, the customer is responsible for the security of applications and data that they run in their cloud. In the event of a data breach or ransomware attack, it is difficult to know the full extent and impact of the incident without a holistic view of cloud data. A simple, scalable way to explore data, relationships, and context can empower enterprises not just during incidence response but also for proactive protection.
Data protection regulations make no distinction between relational databases, data lakes, or file stores – all data is equally sensitive regardless of the underlying technology stack. Businesses need to understand data stores with sensitive data, following the enterprises’ governance rules, policies and regulations.
Data and cloud security teams need to have a complete inventory of their data assets in the cloud, especially the dark and shadow data stores in test or production environments that contain sensitive data. Dark data refers to data stores that are not being accessed and shadow data stores refer to copies of data which are not being governed with the same policies. Being able to see all of this information in a single place, across thousands of data stores that may be scattered across multiple cloud providers, is vital to building and implementing a consistent data security policy. Data inventory and access inventory are foundational to securing cloud environments.