A new kind of software is required for secure cloud digitization, says Okera
Complications relating to data security and privacy are escalating as organizations shift operations to the cloud.
The problems become exacerbated because as organizations introduce layers of infrastructure, they face regulatory hurdles, according to one a startup that’s set out to tackle this very issue with something of a turnkey security and privacy operating system, specifically for those in the midst of digital transformation.
“There’s this explosion of the volume, velocity and variety of data,” said Nick Halsey (pictured), chief executive officer of Okera Inc. “People are really struggling with: how do I enable my digital transformation while at the same time making sure that my data is secure and that I’m respecting the privacy of my customers?”
A new category of software is required, according to Halsey.
Halsey spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio, in advance of the AWS Startup Showcase: New Breakthroughs in DevOps, Analytics, and Cloud Management Tools event. They discussed how security and privacy requirements are changing as digitization and cloud take hold. (* Disclosure below.)
Universal data authorization
Automating the privacy policies that were traditionally built into the underlying database or the analytics tool is the answer, according to Halsey. The previous method worked in the old days but not now. Today one needs a more comprehensive system. That’s where universal data authorization comes in.
“We have too much data in too many platforms, in too many locations being accessed by too many,” Halsey said.
It’s become unwieldy, particularly as newer compliance regulations, such as the General Data Protection Regulation, for example, have been introduced by governments. Policy enforcement must now be implemented everywhere in an organization, Halsey explained. That’s straightforward on-premises, but it gets trickier the more hybrid-leaning or cloud native the organization gets.
“The old manual ways of trying to securely deliver data to people just don’t scale in today’s environments,” he said.
Too many layers and permutations complicate, for one thing. Business intelligence applications and artificial intelligence or machine learning data-driven software are examples contributing to complexity. Plus, digitization is simply scaling — one implementation Halsey referenced has a data warehouse of over 200 petabytes; another is processing 6 trillion rows of data on an average single day. All need governing.
Key to the enforcement aspects of UDA is a centralized log of what everybody is doing. Driving it is that 30% of data hacks are by internal trusted users “who have rights,” Halsey stated. “So you need to make sure that you’re managing those rights and that you’re not creating any long tails of data access privilege that can be abused.”
Event correlation and analysis allows the company to see things happening on the network and see who’s touching what, for instance, including whether they are authorized.
“I could see that [an individual] tried to get into the salary database 37 times in the last hour and maybe we don’t want to let you do that,” he added.
Enforcement turns to management
UDA is not just for enforcement. You can use it for managing data warehousing environment. One example Halsey pointed out is that by obfuscating, say, Social Security Numbers and home addresses (as is part of UDA, thus maintaining individual privacy rights), teams within the company can subsequently work with the data better — they can use it to perform market analysis, for example, because the sensitivity has been blurred.
“We still let them see the totality of the data and do the kind of analytics that drive the business,” he stated.
Another key factor is that the actual writing of policy can be simplified because each department within the organization can take on their share. In other words, it’s not just IT determining governance — which causes a bottleneck.
“You can’t centralize policy management in IT, because then everybody who wants access to the data still has to go back to IT,” Halsey said.
Using the example of a person in HR who might be managing datasets for 200 people, Halsey pointed out that responsibility can be delegated, but there is still centralized reporting and auditing. “I can see everything they’re doing, and I can see how they are applying policy,” he said.
Policies need to change to reflect the conditions on the ground. Startup companies “were always held back by the security problem. And this was before privacy rights were even a thing,” Halsey stated.
Watch the complete video interview below, and be sure to check out SiliconANGLE’s and theCUBE’s coverage of the AWS Startup Showcase: New Breakthroughs in DevOps, Analytics, and Cloud Management Tools event on September 22. (*Disclosure: Okera Inc. sponsored this segment of theCUBE. Neither Okera nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We are holding our third cloud startup showcase on Sept. 22. Click here to join the free and open Startup Showcase event.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.