TrustLogix was delighted to participate in a webinar panel titled, “Mastering Cloud Defense: Balancing Data Security, Multi-Clouds, & Stakeholders.” Panelists included:
- Jessica Gulick, CEO Katzcy—Moderator
- Ganesh Kirti, CEO and Founder, TrustLogix
- Nathan Vega, Vice President, Product Marketing & Strategy, Protegrity
This was a free-flowing discussion that covered the significant challenges—and solutions—of managing data security in the cloud era, with all the complexities inherent in aligning computing, IT, security, and privacy, and the needs of a diverse ecosystem of stakeholders, including various data owners, business lines, suppliers, partners, and consumers.
Below, we captured some key takeaways from Ganesh's remarks.
You can also access the full webinar recording.
Key Takeaways:
Ganesh Kirti, Founder and CEO, TrustLogix
- Data is moving into different places and you know data share happens. Now the data is sitting in Snowflake, they want to share the data with maybe a Redshift database or some other databases like Salesforce.com. So the data is moving into other layers. These things are very common now and immediately, that you may not even realize people are doing this because it's so easy.
- When we look at data consumers and data workers, you know,it’s not just the data scientists and data analysts, but also it includes LLMs and applications, service accounts, bots and ETL workflows, but they're all these, I call them data workers, in that category.
- There are more than 70-80 ways people access data and that's really where the challenge comes in. You know, first of all, how do you get people to give access to the data? Right there is a challenge because there's a lot of business-sensitive data. You know security people are really, really careful and they have to approve it; it takes longer approval cycles. So there is a challenge of getting these data workers to get them access in the right way and at the right time with the least privileges.
- Security is usually perceived as a blocker in general. So it doesn't have to be that and I think the very first thing and the most important thing in my mind, anyone should do and everyone should do is get visibility. You know, we'll just start putting some visibility controls in your environment so that you know what is going on. You know who's got access to what. What are they doing? You know are they even using the data. Once you have that visibility, you can methodically go step by step and then put some preventative controls and then you can go build defensible audits and reporting.
- Every vendor has built their own security and that's really where it becomes complex because each company has multiple clouds and it's their responsibility to secure that data. Even though the cloud vendors have very good security infrastructure, still it's a customer responsibility. So they do have to have some third party tool or automated way of securing access to the data, not just access controls but masking, tokenization and and various things around that based on the PII, PII datasets. Look for third party partners that are really experts in this space.
- We understand what is going on with data and we partnered with companies like AWS, Snowflake and Databricks to really collaborate with them. So the way we are helping is we give a simple process to streamline how we can bring people together, security and data owners, where they can collaborate.
