The Importance of Increased Visibility in the Cloud-First Era

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Dave Stuart of Laminar Security, a Rubrik Company, shines a light on the importance of increased visibility in the cloud-first era.

Many businesses today are stranded in a perilous transition phase. They’ve invested heavily in a “cloud first” approach — dispersing their data across multi-cloud, SaaS, and on-premise elements — and have reaped the benefits that that model affords in terms of flexibility and analytical firepower. But this dispersal, coupled with the sheer scale of data most businesses are dealing with today, has come at the expense of visibility and security. As data proliferates at an unprecedented rate, businesses are struggling to get a handle on precisely where — or what — that data is and how they can protect it.

Put simply: you cannot protect or manage data that you don’t know exists. And staying in the dark about that data isn’t an option—not when regulations are tightening on what feels like a daily basis, and the costs of a data breach continue to soar. Like termites or black mold, data blind spots can wreck your operations from the inside before you’ve even become aware of the problem.

Accordingly, in 2023, discovery and classification processes are non-negotiable for cloud-first or hybrid businesses. These processes allow for the kind of comprehensive, 360-degree visibility into sensitive data risks, without which businesses will always be vulnerable.

The Importance of Increased Visibility in the Cloud-First Era

Data Discovery and Data Classification: A Quick Definition

Data discovery and data classification boil down, respectively, to the “where” and the “what” of a business’ far-flung data arrangements. Together, they yield the kinds of crucial contextual information that keeps data safe.

Again — and this cannot be overstated — it is the data you don’t know about that should concern you most. A proper data discovery process shines a light on every corner of your cloud operation, illuminating your public clouds, your warehouses, your SaaS applications, your cloud file shares, and your on-prem storage. This light reveals not just where the data is — important enough in and of itself — but, crucially, who has access to it and who is using it.

Once all of that data is identified, the classification process begins. This process goes deeper: now you will be determining what all this data is and generating judgments as to its sensitivity.

The insights that can be gleaned from this two-pronged process are manifold. For one thing, businesses can locate and tag their most sensitive data — like credit card numbers, social security numbers, and PII — while keeping careful track of how often it’s accessed and by whom. Most importantly, it can provide a desperately needed sense of the risk posture of your most sensitive data, allowing businesses to make security decisions that are both better controlled and more precisely targeted.

Why Data Discovery and Classification Matter

The damage — reputational, financial, and regulatory — that follows from improperly leaked data can be disastrous for a business. At the same time, no business can afford to spend all of its time on defense, and overzealous security measures can have the counterintuitive effect of slowing internal operations down and frustrating employees.

This is part of why data discovery and classification are so important— they allow businesses to set strict policies and erect guardrails around that data that needs to be protected. The contextual insights generated by data discovery and classification ensure a stronger security posture, better regulatory compliance, and enhanced privacy for both your business and its customers. And it’s important to note that this isn’t an abstract concern: in fact, 68 percent of security professionals say shadow data represents the biggest security risk facing businesses today.

Why Current Approaches Fail Businesses

Before detailing the benefits of automated data discovery and classification, it is worth outlining the shortcomings of some of the approaches currently in use to achieve the same ends.

There is, most commonly, the manual approach, in which security professionals are required to liaise across teams and departments to get up-to-date information on data usage. Twenty years ago, this approach might have been feasible. In today’s complex cloud environments — in which data proliferates exponentially, minute by minute — such an approach is completely untenable: it simply cannot scale at the pace required. In 2023, data classification and discovery are processes that far exceed the abilities of even a large, well-resourced IT team.

Homegrown data mapping tools have also proven popular to date, but these present their own problems, not the least of which are the valuable engineering resources squandered on building (not to mention maintaining) these tools. Time that could be better spent handling mission-critical tasks is instead wasted on configuring APIs. And cloud-provider options are generally no better, with their usefulness extending only to the borders of their own cloud: lacking passports into the clouds of other providers, they can only see part of the overall picture.

The Importance of Cloud-native Data Discovery and Classification Tools

Cloud-native data discovery and classification tools function much differently. The full, continual visibility they provide matches the dynamic nature of the cloud— and serves as an essential foundation for all cloud data security, governance, and privacy efforts.

On every front we’ve discussed so far—from heightened security posture to stricter regulatory compliance—cloud-native data discovery and classification technology provide superior functionality. Through autonomous and continuous scanning and fine-grained, AI-enhanced categorization, it allows businesses to proactively monitor the highest-risk data and do so at scale. It can seamlessly guide hardening or remediation efforts, thus drastically reducing the risk of breach or data exfiltration.

And that’s not to mention the fact that shadow data, more often than not, contains redundant, obsolete, and trivial (ROT) data, such as abandoned backups of discontinued applications. Cloud-native data discovery and classification technology automatically flags this ROT data and streamlines the disposal process. While this might seem less urgent than security or governance, it can actually be just as significant for your bottom line, with storage costs becoming an increasingly major expense for most businesses.

If data discovery and classification were once something “nice to have,” they have since firmly transitioned to the realm of must-haves. Businesses cannot afford to dwell in darkness, given that just a single blind spot can now wreak incalculable damage on a business’s bottom line, public reputation, and long-term prospects.

In the cloud era, full illumination is the only way forward— and automated data discovery and classification tools are the only way to get there.