Top 10 Hot Data Security And Privacy Technologies

This article is more than 6 years old.

Forrester

Almost 60% of the adult population in the U.S. found out recently that their personal data—names, social security numbers, birth dates, addresses, driver's license numbers—could be in the hands of criminals. The disclosure of the data breach came from Equifax, a company name they probably did not recognize. The 145.5 million people impacted certainly never entrusted their personal details to its care.

A new European Union regulation—the General Data Protection Regulation (GDPR)—will go into effect in seven months, strengthening and unifying data protection for individuals, giving them control over their personal data. As it also regulates the export of personal data outside the EU, it affects all businesses, including non-European, operating in the EU. 58% of respondents to a recent survey, however, indicated that their organizations are not fully aware of the consequences of noncompliance with GDPR. While the GDPR gives individuals the right to request that their personal data be erased or ported to another organization, 48% of the respondents said it’s a challenge to find specific personal data within their own databases.

The GDPR puts the maximum penalty for a violation at 4% of worldwide revenues of the offending organization. To help cybersecurity and privacy professionals prepare for a future in which their organizations will increasingly be held accountable for the data on consumers they collect, analyze and sell, Forrester Research investigated the current state of the 20 most important data protection tools. Based on Forrester’s analysis, here’s my list of the 10 hottest data security and privacy technologies:

  1. Cloud data protection (CDP): Encrypting sensitive data before it goes to the cloud with the enterprise (not the cloud provider) maintaining the keys. Protects from unwelcome government surveillance and helps remove some of the biggest impediments to cloud adoption—security, compliance, and privacy concerns. Sample vendors: Bitglass, CipherCloud, Cisco, Netskope, Skyhigh Networks, Symantec, and Vaultive.
  2. Tokenization: Substituting a randomly generated value—the token—for sensitive data such as credit card numbers, bank account numbers, and social security numbers. After tokenization, the mapping of the token to its original data is stored in a hardened database. Unlike encryption, there is no mathematical relationship between the token and its original data; to reverse the tokenization, a hacker must have access to the mapping database. Sample vendors: CyberSource (Visa), Gemalto, Liaison, MasterCard, MerchantLink, Micro Focus (HPE), Paymetric, ProPay, Protegrity, Shift4, Symantec (Perspecsys), Thales e-Security, TokenEx, TrustCommerce, and Verifone.
  3. Big data encryption: Using encryption and other obfuscation techniques to obscure data in relational databases as well as data stored in the distributed computing architectures of big data platforms, to protect personal privacy, achieve compliance, and reduce the impact of cyber attacks and accidental data leaks. Sample vendors: Gemalto, IBM, Micro Focus (HPE), Thales e-Security, and Zettaset.
  4. Data access governance: Providing visibility into what and where sensitive data exists, and data access permissions and activities, allowing organizations to manage data access permissions and identify sensitive stale data. These tools help automate, at scale, the challenge of addressing the low-hanging fruit of data protection—sensitive data discovery and cleaning up data access permissions to enforce least privilege—as data volumes skyrocket. Sample vendors: Core Security, Netwrix, RSA, SailPoint, STEALTHbits, and Varonis.
  5. Consent/data subject rights management: Managing consent of customers and employees, as well as enforcing their rights over the personal data that they share, allowing organizations to search, identify, segment, and amend personal data as necessary. Sample vendors: BigID, ConsentCheq, Evidon, IBM, Kudos, OneTrust, Proteus-Cyber (GDPReady Plus), TrustArc, and trust-hub.
  6. Data privacy management solutions: Platforms that help operationalize privacy processes and practices, supporting privacy by design and meeting compliance requirements and initiating auditable workflows. Sample vendors: Nymity, OneTrust, Proteus-Cyber, and TrustArc.
  7. Data discovery and flow mapping: Scanning data repositories and resources to identify existing sensitive data, classifying it appropriately in order to identify compliance issues, apply the right security controls, or make decisions about storage optimization, deletion, archiving, legal holds, and other data governance matters. Data flow mapping capabilities help to understand how data is used and moves through the business. Sample vendors: Active Navigation, ALEX Solutions, AvePoint, BigID, Covertix, Dataguise, Global IDs, Ground Labs, Heureka Software, IBM, Nuix, OneTrust, Spirion, TITUS, trust-hub, and Varonis.
  8. Data classification: Parsing structured and unstructured data, looking for data that matches predefined patterns or custom policies. Many tools support both user-driven and automated classification capabilities. Classification is the foundation of data security, says Forrester, to better understand and prioritize what the organization needs to protect. It also helps companies better define how employees should handle data appropriately to meet security and privacy requirements. Sample vendors: AvePoint, Boldon James, Concept Searching, dataglobal, GhangorCloud, Microsoft (Azure Information Protection), NextLabs, Spirion, and TITUS.
  9. Enterprise key management (EKM): Unifying the disparate encryption key life-cycle processes across heterogeneous products. Key management solutions store, distribute, renew, and retire keys on a large scale across many types of encryption products. Sample vendors: Dyadic, Gemalto (Safenet), IBM, Micro Focus (HPE), and Thales e-Security.
  10. Application-level encryption: Encrypting data within the app itself as it’s generated or processed and before it’s committed and stored at the database level. It enables fine-grained encryption policies and protects sensitive data at every tier in the computing and storage stack and wherever data is copied or transmitted. Only authenticated, authorized app users can access the data; even database admins can’t access encrypted data. Sample vendors: Gemalto, Micro Focus (HPE), and Thales e-Security.
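The tokenization model in item 2, sketched as an added example that is not from the article or any listed vendor: the token is drawn at random, so the only way back to the card number is the vault's mapping. The `TokenVault` class, the in-memory dictionaries standing in for the hardened database, and the choice to keep the last four digits are assumptions of this sketch.

```python
import hashlib
import hmac
import secrets


class TokenVault:
    """Hypothetical in-memory stand-in for the hardened mapping database."""

    def __init__(self):
        # Keyed index so raw card numbers are never used as lookup keys.
        self._index_key = secrets.token_bytes(32)
        self._by_index = {}  # HMAC(card number) -> token
        self._by_token = {}  # token -> card number (encrypted at rest in a real vault)

    def _index(self, digits):
        return hmac.new(self._index_key, digits.encode(), hashlib.sha256).digest()

    def tokenize(self, pan):
        digits = pan.replace(" ", "").replace("-", "")
        if not digits.isdigit() or not 12 <= len(digits) <= 19:
            raise ValueError("not a card number")
        idx = self._index(digits)
        if idx in self._by_index:  # same input always yields the same token
            return self._by_index[idx]
        while True:
            # Random digits, not derived from the input: nothing to decrypt.
            body = "".join(secrets.choice("0123456789") for _ in range(len(digits) - 4))
            token = body + digits[-4:]  # keep last four for receipts and support
            if token != digits and token not in self._by_token:
                break
        self._by_index[idx] = token
        self._by_token[token] = digits
        return token

    def detokenize(self, token):
        # Raises KeyError for a token this vault never issued.
        return self._by_token[token]


if __name__ == "__main__":
    vault = TokenVault()
    sample = "4111 1111 1111 1111"  # constructed sample: a well-known test number
    token = vault.tokenize(sample)
    print("token:", token)
    print("round trip ok:", vault.detokenize(token) == sample.replace(" ", ""))
```

Downstream systems that store only the token hold nothing reversible, which is why access control and monitoring concentrate on the vault itself.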

Forrester concludes: “Perimeter-based approaches to security have become outdated. Security and privacy pros must take a data-centric approach to make certain that security travels with the data itself—not only to protect it from cybercriminals but also to ensure that privacy policies remain in effect.”
