Podcast: What is DSPM?

With the rise of the Data Security Posture Management (DSPM) category, many questions about its characteristics and uniqueness have come up. Jonathan Roizin, Flow’s CEO, was glad to join the “Enterprise Security Weekly” podcast to answer them and explain what DSPM is.

How did the DSPM category get started from your perspective?

Data security was always a challenge. However, in the last few years, it has proven to be an almost impossible task due to consistent and radical changes in modern environments. Things used to be somewhat under control as environments were simple; there were one or a few places where data could be, but this is not the case anymore. The environment has become far more fragmented, and it is constantly changing. In light of this, protecting data has become more challenging than ever for security teams, thus the rise of data security posture management and the need to protect data in general.

Does the DSPM category apply to all data flows or just the cloud?

When we talk about protecting data, it’s different from other cyber security verticals. For example, if we talk about SaaS security – we secure the SaaS. If we talk about cloud security – we secure the cloud. In data security, the perspective is not vertical but horizontal. When companies care about where they store social security numbers or credit card numbers, they want to see it all around. Hence, data security must be viewed from a broader perspective and must be considered everywhere data flows. There is a lot of focus on the cloud, but it’s only part of the picture.

Data today comes in so many shapes, and it is so difficult to classify. What is Flow’s approach to that challenge?

The fact that data comes in different shapes and can be everywhere is actually a positive thing. This is what made working with data so easy in the last few years, and for R&D teams it is a blessing. However, it is a nightmare for security teams that must discover, classify, and protect data. This challenge can be explained by the term “Data Liquidity” – data can flow everywhere and is almost like a liquid that you have to locate. This is why DSPM tools must refer to that data’s characteristics and challenges whenever they want to discover and classify data properly.

Is DSPM an evolution of pre-existing data security products like DLP, or is it revolutionary? Do they have anything in common?

DSPM platforms are also able to provide solutions to pre-existing products like DLP, but there is no comparison between what exists today in the DSPM category and previous categories. The DLP category tends to gain a bad reputation as a category that affects business continuity. However, the DSPM category is an enabler solution as it allows companies to continue to deploy and develop as fast as possible without taking the risk of data leakage in their environment.

How would you describe the process of using Flow’s DSPM product?

When we are talking about data, we cannot protect what we don’t know exists, so the first step is discovering and classifying the data. Based on that, there are different use cases. Among them is policy enforcement – ensuring that data is stored in the right place. In addition, a risk assessment is automatically performed in order to find misconfigurations or situations where your data may be at risk. Egress management is another example of ensuring data does not leave the environment unintentionally. Also, it’s vital to understand that it’s not just about the data but also about the context and metadata. It’s not enough to find data like PII where it shouldn’t be; it’s also critical to understand which application it is related to, which business unit it belongs to, and what the full journey of the data is – where it came from and who should be contacted by the security team to resolve that potential problem.

All of these capabilities are part of the whole platform called data security posture management (DSPM), which is what every DSPM platform aims to accomplish.

How and where does Flow discover the data itself?

Organizations want to see data wherever it flows, not only in one place. Many DSPM vendors today do cloud DSPM, connecting to cloud providers like Azure, AWS, and GCP and scanning them, which is great but somewhat partial.

This is Flow’s biggest differentiator, as we look at data not only at rest but also in motion. We analyze data flows from databases and unmanaged databases through their journey within and outside applications to external services like SaaS providers, external data stores, shadow databases, etc. Our ability to analyze data at rest as well as data in motion allows us to be the only DSPM platform that covers all the bases.
