Data-centric is a hot buzzword in the security world right now. A data-centric security approach highlights the security of the data itself instead of network, server, or application security and includes the following processes:
Data-centric, Zero Trust, Beyond Corp, or Perimeterless
Regardless of what buzzword you want to use, data-centric is a requirement in today’s world because the content is created on the edge outside of the traditional corporate network and can live its life entirely outside of the corporate network. Created in online SaaS applications and stored & shared in cloud storage locations. How do organizations protect data that lives outside the corporate network?
A quick search online will find many zero-trust or data-centric security products that focus on a few of the required processes. SIEMs can log all activity from multiple sources and report suspicious activity. CASB can enforce single sign on to implement access policies. What about data stored or created in non-IT sponsored solutions?
One more process dimension to fix unanswered questions from above plus let’s remove the human error element in data protection
Opt-out adds a dimension to the data-centric or Zero Trust concept by declaring that by default all data should be protected. Users should not have to decide if the content is sensitive or not. Users can’t be trusted to make the right decision. Legacy data protection solutions required users to select files to protect. User decisions are the leading cause of data breaches.
In an opt-out solution, new files and derivatives are automatically protected and receive the same access control as the original or similar files. Copying a chart from a spreadsheet and pasting the chart into a presentation automatically applies the access control of the original spreadsheet to the new presentation. Files accidentally emailed to the wrong person can never be accessed because the recipient is not an authorized user.
Consider an opt-out data-centric security solution.