Data and Identity are Two Sides of the Same Coin

Jul 31, 2024
August 1, 2024
Lamont Orange

Data and Identity have a symbiotic relationship; we often say they are “two sides of the same coin.” For many years we kept tossing the coin and it kept landing on “tails.” It happened so many times that it became the direction, and we led with Identity-driven decisions. This is not to say it wasn't an effective direction, but it continued to lack the information necessary to protect our data assets. For example, least privilege access is implemented, and that’s the right thing to do, but it is only least privilege relative to what we know about systems, groups, applications, etc. in locations that are disclosed. So the most privilege is still undiscovered. We have asked so many questions of the Identity but have never had the opportunity to marry them to the unanswered questions about the data.

Despite the rapid adoption of zero trust solutions, frameworks and philosophies, many organizations have yet to gain complete visibility into who or what has access to, and who or what has accessed, the organization's most sensitive data. Many agree that data has become the fastest growing attack surface, and achieving visibility across an entire data environment has become more critical than ever. It is no longer a nice-to-have, it's a must-have.

Flipping this coin and having it land on “heads,” that is, taking a data-driven decisions approach, now allows the unanswered data questions and the data context gained to be merged with the identity attributes to unlock the power of the data assets, enhance security, drive innovation and truly enable business agility. This is why it is important to unify contextual data-driven decisions with identity context. Risk reduction and enrichment of the effectiveness of real trust architectures are the measurable outcomes.

This is the new “Challenge Coin”

Improved Access Control: By integrating identity context, you can implement more granular access controls. This ensures that only authorized users and systems can access sensitive data based on their roles, permissions, and the context of their access request.

Example use cases showing why this matters

1 - Insider Threat - Quickly understand the uses of data, systems and resources for offboarders beyond user behaviors. This provides more insight into what is accessed and modified, and continued visibility into both past and current uses of data, broadening visibility and security capabilities across otherwise disjointed data ecosystems.

2 - Compliance - Quickly understand all users who have access to sensitive data and who also have weak controls, for example a lack of MFA.

3 - Over Permissioned Access  

Understand what sensitive data users have access to; this really becomes a significant problem with Copilot. How many people have access to the salaries of large groups of people in the company, or to large amounts of PII, and did not even know? How many have access to sensitive information but have never used the access?

4 - Data to Application to System to Resource to User (Data Flow)

Quickly understand how much and which data is being consumed by applications, systems, resources and users. This means understanding data sprawl, data sources and destinations, and potential misuse, with visibility into sensitive data ecosystems and into the controls needed to protect this data. It is a multidimensional approach to the traditional question of who has access, yielding a contextual approach to data security.

5 - Third Party Access to Sensitive Information

Quickly see all external and non-human access to sensitive data, how critical the data is, and what volume of sensitive data that identity has access to.