The Gartner Hype Cycle For Data Security, 2022, is out, providing a look at how data security tools will likely evolve over the next decade.
Data Security Posture Management (or simply DSPM) is a new technology in this year’s report.
Brian Lowans, Joerg Fritsch, and Andrew Bales define DSPM, explain the business impact, why it is important, obstacles, drivers, and make user recommendations when considering this technology.
Here are our five key takeaways from the report:
1. Companys’ environments have changed, and so should data security solutions
Enterprises of all sizes continue to invest heavily in technology stacks as they transition to modern cloud application architectures. This new era promises many benefits for the developers but has also led to significant data sprawl and major difficulties in securing data. With the widespread adoption of modern architectures, securing sensitive data such as PII, PHI, financial information, and intellectual property has become a near-impossible task. Traditional data mapping and protection, such as manual questionnaires and scans, are insufficient, leading to the rise of the Data Security Posture Management category.
“Organizations face challenges mitigating data security and privacy risks as data rapidly proliferates across multicloud and hybrid IT architectures.”
2. Today more than ever, data is everywhere
In modern environments, sensitive data is fragmented over thousands of applications, data stores, and SaaS providers in an ever-changing architecture. This requires a full mapping of all data flows and data stores inside and outside the public cloud, on-prem, including external services and shadow DBs. Effective DSPM solution must map all the sensitive data inside and outside the application environments.
“Need to map and track the evolution and data lineage across structured and unstructured formats, and across all potential data locations and shadow data, is critical to achieve consistent analysis. This is an emerging driver that is currently in evolution .”
3. Understanding data’s entire journey is necessary
Today’s data is more fluid than ever before. Therefore, an essential requirement of DSPMs is their ability to analyze the complete data lineage, including access and application context. By understanding the full data “story”, DSPM’s ability to protect data rise significantly. Furthermore, security teams can collaborate and remediate data risks effectively and accurately, as a data flow map provides complete visibility of the business context and impact.
“Data security posture management (DSPM) provides visibility as to where sensitive data is, who has access to that data, how it has been used and what the security posture of the data store or application is. This requires a data flow analysis to determine the data sensitivity. DSPM forms the basis of a data risk assessment (DRA) to evaluate the implementation of data security governance (DSG) policies .”
4. Keeping data protected requires reducing exposure
When protecting data, it is vital to take a holistic view of all the elements that expose data and put it at risk for a potential breach. The solution must be able to reduce the data exposure caused by various factors such as over-permissive access, external and egress data exposure, anomalous geos, and cloud architecture misconfigurations.
“Need to protect data against exposure (e.g., cloud misconfigurations, excessive access privileges or data residency risks that arise due to geographic locations and access pathways to data)”
5. Real-time data flow analysis is a key factor for Data security
Real-time observability is essential for instant alerts detection of risks and policy violations. Identifying potential data breaches in real-time allows security teams to act effectively with minimal response time in comparison to scheduled data scans which lead to significant blindspots.
“Combination of data observability features, such as real-time visibility into data flows, risk and compliance with data security controls, with the objective to identify security gaps and undue exposure”
Gartner’s Hype Cycle for Data Security introduced DSPM as the new category on the rise, showing the way in which data security tools must change in order to adapt to the new world; discovering unknown sensitive data, mapping data flows, managing access, and reducing risks with real-time analysis. Flow security is extremely proud to be recognized as one of the vendors mentioned under the DSPM category. Flow offers the only DSPM platform that completely covers DSPM capabilities, such as data flow mapping, data lineage analysis, and real-time risk detection by analyzing data both in motion and at rest.
Gartner, Hype Cycle for Data Security, 2022, Published 4 August 2022
GARTNER and Hype Cycle are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner® does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner® research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner® disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.