Debunking Identity Data Security Myths
Stay in the Know: Subscribe to Our Blog
The convergence of data management, governance, and security presents both an opportunity and a mandate for organizations. Our panelists discuss the critical role of integrated governance frameworks that not only protect identity data, but also optimize security and compliance efforts.
Moderator: Steve Zalewski, former CISO, Levi-Strauss
Panelists:
- Steve Tout, IAM Expert & Advisor, Identient
- Bhaskar Mulugu, Head of Enterprise Data Platform, Vialto Partners
- Ganesh Kirti, CEO and Founder, TrustLogix
Key Pointers from the Discussion :
1. Identity and Access Management(IAM) today cannot work in isolation. It must be integrated with Governance to enhance privacy regulations, ensure compliance and security to keep data secure with fine-grained access controls.
2. Today, data is sourced from multiple channels, each with its own access controls. While Identity and Access Management can provide the authentication and authorization that translates into roles associated with access to specific data, tables, etc. we need to support the access controls with IAM privileges in real-time without any delay.
3. The integration of Identity and Data Security is essential to ensure that users of the identity system have access only to the data they are entitled to. Additionally, IAM and Security experts must have visibility not only into the applications and databases a user can access but also into the specific types of data available within those applications that the user can access. A solution that brings that visibility to IAM and Security experts and enables them to implement data entitlements is crucial to addressing a significant gap.
4. This solution is essential today because data teams often experience delays in accessing data due to approval processes controlled by security and IAM administrators, who may lack visibility and understanding of data usage. Integrating Identity and Data Security is necessary to facilitate efficient data access, enabling teams to leverage data effectively for business purposes.
View three key moments from the webinar speakers below. You can access the full webinar recording of “Debunking Identity Data Security Myths” above.
Steve Tout
IAM Expert & Advisor, Identient
Steve emphasizes that cybersecurity and data security professionals should learn the language of business and communicate technical concepts to business stakeholders to increase their value and bridge the communication gap between them.
Bhaskar Mulugu
Head of Enterprise Data Platform, Vialto Partners
Bhaskar views IAM as encompassing application, network, and data security as uniquely complex. IAM gives authentication and authorization, which is converted into a role and the role is associated with access to specific data, tables, etc. Data from multiple sources will have independent access controls; we need to honor access controls with IAM privileges in real-time without any lag.
Ganesh Kirti
Founder & CEO, TrustLogix
Ganesh states that traditional data security approaches, like classification, hold good if data stays in one place, but as the data moves, organizations need a more proactive approach where they monitor and govern data in terms of who is accessing it, are the people with the right entitlements accessing it, and having reporting on top of this information is crucial.