C2 Summer 2020 Robust security strategy for your hybrid IT by Thomas Gloerfeld June 23, 2020 written by Thomas Gloerfeld June 23, 2020 267 [vc_row][vc_column][vc_empty_space][vc_column_text] Hybrid IT – the new normal What Is Hybrid IT? At its most basic level, hybrid IT is a blend of cloud-based and on-premises IT services. When applications and data were all maintained on-premises (or in-house) standardization was a best practise and security was much simpler. Now that the business and IT are realising the benefits of cloud services, hybrid IT is the common strategy. The new benefits of agility and flexibility brought by hybrid IT come at a cost… How do we keep these more vulnerable applications and data secure? Consequently selecting the right security strategy has become an ‘IT infrastructure must!’ The plea for data-centric security Every company is ultimately responsible for its data security, even if the data is stored in a cloud service environment. Traditional security approaches depend on perimeter-based intrusion detection, password protection, and other access-based measures. However, the industry has seen time and again that nefarious actors still find a way to steal our most valuable data. The answer is to focus on data-centric security, which travels with the data even if that data moves outside a protected perimeter. A data-centric security strategy protects the data itself and helps to protect it across IT infrastructure borders. Given the size of fines and the enormous reputational damage to corporate brands stemming from data breaches and unauthorised access to sensitive data, every business should follow two fundamental principles: Protect sensitive data as early as possible in its lifecycle De-protect data only when absolutely necessary Diverse regulatory requirements make data protection an absolute necessity. Patient health data processing regulations including HIPAA in the US, privacy regulations such as the EU’s GDPR and Brazil’s LGPD, and international transactional data regulations like PCI DSS all specify minimum standards of data protection and require compliance from organizations operating within specific domains. No matter what, the sensitive, identifiable data of persons, patients, and customers must be protected. Implementing data-centric security requires a platform that not only offers protection methods which fit your use cases, but that also integrates easily into your enterprise applications and existing cyber-security infrastructure. Ease of integration very often can be the deciding factor in determining the cost and risk associated with any data protection project. Organizations need a data protection solution that supports their current and future IT environments, whether those are on-premises, in the cloud, or a hybrid of both. Essential data protection mechanisms for data-centric security Protection mechanisms such as tokenization overcome the shortcomings of classic security solutions and are essential components of a data-centric strategy. These data protection mechanisms safeguard sensitive data while preserving its original format, giving it referential integrity and resulting in a dataset that is the same size as the original. The de-sensitised data has the identical statistical distribution as the original data to ensure that all the characteristics and properties of the dataset are preserved. This eliminates the dilemma of having to choose between security or the usability of data in business processes downstream. Tokenization also preserves the ability to perform analytics and produce reports on the data while it is still protected. How do the data protection methods work? Tokenization Tokenization replaces the original data with a randomly generated, unique placeholder of the same format. There is no mathematical relationship between the token and the original data, so hackers cannot reverse-engineer it. Format Preserving Encryption (FPE) Similar to tokenisation and unlike classic encryption, format-preserving encryption (FPE) encrypts the data in such a way that it maintains the same format as the original data. Masking Data masking anonymises sensitive data by creating a structurally similar but not authentic version of the data. Unlike tokenisation and FPE, masking is permanent; that is, it is impossible to reverse it to obtain the original values. Benefits of a data-centric security strategy By adopting a data-centric security strategy, enterprises can: Protect sensitive information within hybrid IT environments without impacting the ability to use the data in existing applications and systems Comply with regulatory mandates without prohibiting or restricting access to particular datasets containing sensitive information Prevent costly and reputation-damaging data breaches For more insights on data-centric protection, please read the ebook ‘Data-centric protection explained’. [/vc_column_text][/vc_column][/vc_row] comforteConnect ConvergeConnect Worldwidedata-centric securityEnterprise securityFPEGDPRHPEHPE user communityHybid-ITMaskingPCI DSSSummer 2020Thomas GloerfeldTokenization 0 comment 0 FacebookTwitterPinterestEmail Thomas Gloerfeld Thomas Gloerfeld is Director Partner Development & Marketing NonStop Solutions at comforte and has been associated with the NonStop community for over 25 years. Before joining comforte, he held various management positions at ACI Worldwide in Germany and the UK. In his role at comforte he manages all aspects of marketing for HPE NonStop solutions and comforte's NonStop partners. As part of his role, he closely monitors topics such as data security, risk and compliance, as well as digital transformation and connectivity. previous post Multiple HPE efforts help fight COVID-19 next post The Intelligent Recovery You may also like Why Backups Have Become Ransomware Targets and How... June 23, 2020 Editor’s Letter – Summer 2020 June 23, 2020 Around the Storage Block June 23, 2020 How Intility Uses Intelligent Storage To Improve Business... June 23, 2020 AI and COVID-19: Where to next? June 23, 2020 A Resilient Partnership June 23, 2020 Strong Q1 Positions XYPRO to Weather Pandemic and... June 23, 2020 Run containers on bare metal or VMs, on... June 23, 2020 The Intelligent Recovery June 23, 2020 Multiple HPE efforts help fight COVID-19 June 23, 2020 Leave a Comment Cancel ReplyYou must be logged in to post a comment.