High-profile data breaches have become a part of our daily reality. Shouldn't the move to the data cloud make organizations more secure? It turns out that making sense of the who, what, where, and how of data use is only getting more complex. Join us to learn how to protect your data with Zero Trust Architecture.
We'll cover the common security mistakes organizations make in the data cloud, and the tactics that attackers use to take advantage of them. By the end of the session, you'll learn new approaches that help your security or DevOps teams observe, control, and protect data.
Agenda
Data Cloud and Challenges in Securing It
Common Attacker Tactics and Techniques
Application of Zero Trust Architecture in Data Cloud
Cyral’s Approach to Data Cloud Security
Q&A
Digital Growth Initiatives are Driving Adoption of the Data Cloud
Exponential Data Growth
• Footprint expansion
• Heterogeneous workloads
Data Democratization
• Broad access to data
• No single gateway
Shadow Adoption
• Developer-led design
• Platform interoperability
What are Some Common Security Challenges in the Data Cloud?
Transition to Cloud Requires Us to Rethink Security
Secured by numerous established security vendors
?
Challenges with the Data Cloud
LACK OF IDENTITY
• NO SUPPORT OF SAML/OIDC
LACK OF VISIBILITY
• EXPENSIVE AND COMPLEX
LACK OF ACCESS CONTROL
• USERS, APPS, TOOLS, SERVICES
Data Is at the Heart of Zero Trust
Data
People
Devices
Apps
Workloads
Visibility & Analytics
Automation & Orchestration
What Are Some Threat Tactics that Attackers Commonly Use?
How Can Zero Trust Architecture Help Secure the Data Cloud?
Securing Data with Zero Trust
Data
Discovery and Classification
Flow Mapping
Risk Assessment
Security Controls & Mitigation
De-Identification
Rights Management
Data In-Use Protection
Encryption and Tokenization
Data Loss Prevention
Key Steps to Zero Trust
Observe Data Endpoints
• Intercept and record all signals from all data sources
• Understand true data footprint
Understand Context
• Enrich data activity logs with user context
• Deliver single log source with uniform logging syntax
Integrate with Security Program
• Integrate with all intersection points
• Prioritize IAM and SIEM/UEBA
Manage Access
• Introduce granular segmentation and least privilege
• Obfuscate any sensitive information
Cyral: Security for the Data Cloud
OBSERVE
• Logs, metrics, traces
• Shorter debugging cycle, MTTR
• Faster audits, incident response
CONTROL
• Enable SSO / MFA
• Implement least privilege, SoD
• Extend Zero Trust to data cloud
PROTECT
• Alert or block threats
• Enforce tenant security
• Stop targeted data breaches
Cyral and Zero Trust
Observe Data Endpoints
• Logs
• Metrics
• Traces
Understand Context
• Full IAM Context
• Client/App Context
Manage Access
• Single Sign-On
• Segregation of Duties
• Least Privilege
Integrate with Security Program
• CI/CD integration
• Security Analytics
• Incident Response
Cyral vs. Data Cloud Threats
Exposed Data Endpoints: Alerting on suspicious and unauthorized access
Shared Credentials: Integration with IAM providers
SQL Injections: Alerting on SQL injections
Recon Scans: Alerting on recon scans
Plaintext Communication: Encryption enforcement and bypass protection
DB Password Spraying: Alerting on password spraying
Trickle Exfiltration: Alerting on trickle exfiltration