Data Entitlements Architecture Inspired by the mRNA Vaccine

COVID has consumed our mindshare for the past two years, but the wave of mRNA vaccines has been an amazing weapon in our arsenal to combat the spread of the virus. I read a great Twitter thread that explained how the mRNA vaccines work and why they’re so amazing. It’s a two-minute read, so please click over to Twitter and check it out (go for the humor, stay for the knowledge).

https://twitter.com/wheatnoil/status/1339624815137722368

In particular, the bit about the vaccine carrying only instructions, so that the body’s own immune system does what it does best, really resonated with me. It parallels the approach we’ve taken to Data Security Governance here at TrustLogix, and, extending it a bit, I thought there was a broader analogy to be drawn.

Let’s start with the biggie: what is the virus, or the disease? In our analogy the disease is the set of ills created by data proliferating into cloud data platforms like Snowflake, Databricks, and Amazon Redshift, which leads to challenges like:

  • Dark data that is ungoverned and unprotected
  • Inconsistent application of security policies
  • Lack of visibility into inappropriate data access and over-privileged users
  • Long delays in getting data into the hands of analysts and data scientists

Cloud Data Platforms Have Their Own "Natural Immune Systems"

In our analogy, cloud data platforms (Snowflake, Databricks, Redshift and the like) are like different human bodies. Each has its own “natural immune system”: the rich set of security constructs built into the platform, such as roles and grants, column masking, and row-level access policies. But like the body’s immune system before vaccination, those controls do not yet know what the “virus” looks like. They will enforce whatever policy they are given, and they are very good at it, but nothing has yet told them which accesses are legitimate and which are not.

Proxy Architecture is like Lockdown / Social Distancing

In spring of 2020 long before any vaccine was even on the horizon, the world went into lockdown and started implementing social distancing. While the lockdown was initially effective, over time people started breaking social distancing rules and masking protocols, significantly reducing its effectiveness at stopping the spread. And it led to significant negative ripple effects including the loss of livelihood, massive disruption of the economy, and the Great Resignation. 

Similarly, proxy-based security architectures have limited effectiveness and cause significant downstream problems. When the proxy is first deployed, all traffic to the protected data platform is funneled through it, and the ripple effects follow: every new data consumer has to be onboarded through the proxy, which slows access requests, and every query pays the latency of an extra network hop and an extra parse-and-rewrite step, which is a measurable performance hit on the data access transactions themselves.

The strength of the solution also erodes over time. As people deal with those side effects they reach for shadow IT tools and connect to the platform directly, circumventing the control the proxy was deployed to provide. A practical check: the platform itself still listens on its own endpoint, so unless its native network policies restrict direct connections to the proxy’s addresses, anyone holding a credential can bypass the proxy with an ordinary connection string, and the proxy never sees that traffic.

Agent-Based Architecture is like a Live Vaccine

Vaccines are better than lockdowns, but there are different types of vaccines. The traditional kind, in use for over two centuries now, is the “live attenuated vaccine”, or just live vaccine. It delivers a weakened version of the virus to the body so that the natural immune system builds up its defenses as it fights off the infection. While better than lockdown protocols, live vaccines are intrusive and take much longer to develop.

This is comparable to agent-based architectures for Data Security Governance. Agents are better than proxies, but they are harder to implement and intrusive in an organization’s cloud architecture: software has to be deployed and kept running inside the customer’s environment, alongside or within the data platform. That creates dependencies within the architecture, constrains and complicates upgrade cycles (the agent has to be kept compatible with every platform release), and calcifies the organization’s architecture over time.

mRNA Vaccines Exemplify Agentless, Serverless, Proxyless Architecture

As we saw from the Twitter thread at the beginning of this post, the genius of the mRNA vaccine lies in the fact that it only delivers instructions to the body’s own natural defenses so that by the time an actual infection occurs, the body’s immune system is equipped to handle it on its own.

This is exactly the architecture we’ve built into the TrustLogix platform. A key component of our platform is called the Trustlet. Just like the mRNA vaccine, Trustlets interface with Snowflake, Databricks, Redshift, and other platforms to model security policies natively in each of them: the entitlement ends up expressed in the platform’s own constructs (for example, roles and grants, masking policies and row access policies) rather than in an external component that intercepts queries. TrustLogix helps those platforms’ own natural defenses get set up to protect themselves from threats.

This approach is agentless, serverless, and proxyless, which makes it non-intrusive for an organization’s architecture. More importantly, it speeds up how quickly data consumers are able to request and get access to important information, and it adds no TrustLogix component to the query path, so there is zero overhead from TrustLogix at runtime when the data is being accessed. The only runtime cost is the platform’s own evaluation of the native policy, which is the same whether the policy was written by hand or modeled by a Trustlet.
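As an added illustration that is not TrustLogix’s code (this page does not describe Trustlet internals), here is what “modeling a policy natively” looks like when the target platform is Snowflake. The entitlement is written entirely as Snowflake’s own roles, grants, a masking policy and a row access policy backed by a small entitlement mapping table; from then on the Snowflake query engine enforces it on every query from every client, with nothing in the query path. All database, schema, table, column and role names are assumed for the example.

```sql
-- Added illustration (not TrustLogix code): one data entitlement expressed
-- entirely in Snowflake's own constructs. After these statements run, the
-- Snowflake query engine enforces the policy for every client and driver,
-- with no proxy or agent in the query path. All database, schema, table,
-- column and role names are assumed for the example.

------------------------------------------------------------------
-- 1. Roles and grants (SECURITYADMIN holds MANAGE GRANTS).
------------------------------------------------------------------
USE ROLE SECURITYADMIN;

CREATE ROLE IF NOT EXISTS DATA_CONSUMER;   -- base read access
CREATE ROLE IF NOT EXISTS ANALYST_EMEA;    -- regional analysts
CREATE ROLE IF NOT EXISTS ANALYST_AMER;
CREATE ROLE IF NOT EXISTS PII_READER;      -- may see unmasked PII, all regions

GRANT USAGE  ON DATABASE SALES                  TO ROLE DATA_CONSUMER;
GRANT USAGE  ON SCHEMA   SALES.PUBLIC           TO ROLE DATA_CONSUMER;
GRANT SELECT ON TABLE    SALES.PUBLIC.CUSTOMERS TO ROLE DATA_CONSUMER;
GRANT ROLE DATA_CONSUMER TO ROLE ANALYST_EMEA;
GRANT ROLE DATA_CONSUMER TO ROLE ANALYST_AMER;
GRANT ROLE DATA_CONSUMER TO ROLE PII_READER;

------------------------------------------------------------------
-- 2. Policies, created by the schema owner (assumed: SYSADMIN, which
--    also needs APPLY MASKING POLICY and APPLY ROW ACCESS POLICY).
------------------------------------------------------------------
USE ROLE SYSADMIN;

-- Column-level: hide the local part of the email unless PII_READER is
-- in the session's role hierarchy. IS_ROLE_IN_SESSION, unlike
-- CURRENT_ROLE(), honours roles inherited through grants.
CREATE OR REPLACE MASKING POLICY SALES.PUBLIC.EMAIL_MASK
  AS (val STRING) RETURNS STRING ->
  CASE
    WHEN IS_ROLE_IN_SESSION('PII_READER') THEN val
    ELSE REGEXP_REPLACE(val, '^[^@]+', '*****')
  END;

ALTER TABLE SALES.PUBLIC.CUSTOMERS
  MODIFY COLUMN EMAIL SET MASKING POLICY SALES.PUBLIC.EMAIL_MASK;

-- Row-level: entitlements live in a small mapping table, so adding a
-- region or a role is a data change, not a policy rewrite.
CREATE OR REPLACE TABLE SALES.PUBLIC.REGION_ENTITLEMENTS (
  ROLE_NAME STRING,
  REGION    STRING
);
INSERT INTO SALES.PUBLIC.REGION_ENTITLEMENTS VALUES
  ('ANALYST_EMEA', 'EMEA'),
  ('ANALYST_AMER', 'AMER');

CREATE OR REPLACE ROW ACCESS POLICY SALES.PUBLIC.REGION_FILTER
  AS (region STRING) RETURNS BOOLEAN ->
  IS_ROLE_IN_SESSION('PII_READER')            -- privileged: every row
  OR EXISTS (
    SELECT 1
    FROM SALES.PUBLIC.REGION_ENTITLEMENTS e
    WHERE e.REGION = region
      AND IS_ROLE_IN_SESSION(e.ROLE_NAME)     -- any entitled role in session
  );

ALTER TABLE SALES.PUBLIC.CUSTOMERS
  ADD ROW ACCESS POLICY SALES.PUBLIC.REGION_FILTER ON (REGION);

------------------------------------------------------------------
-- 3. Check from the consumer's side: the same query, issued from any
--    client, returns masked emails and only EMEA rows under this role.
------------------------------------------------------------------
USE ROLE ANALYST_EMEA;
SELECT CUSTOMER_ID, EMAIL, REGION
FROM   SALES.PUBLIC.CUSTOMERS
LIMIT  5;
```

To verify the entitlement, run the final SELECT under ANALYST_EMEA, ANALYST_AMER and PII_READER in turn and confirm that the row set changes with the region and that EMAIL is unmasked only for PII_READER; because the policy is attached to the table, the result is the same from a BI tool, a notebook, or a raw JDBC connection. This is also where the “no runtime overhead” claim needs its caveat: Snowflake still evaluates the policy body, including the subquery against the mapping table, on each query, so keep mapping tables small and the policy expressions simple.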

Conclusion

If we think of data breaches as the scourge of the cloud era, then we need to think about the most effective way to protect ourselves from that virus. If a non-intrusive, high-performance, and effective data security solution sounds attractive, ask your Information Security provider whether TrustLogix could be right for you.