SlideShare ist ein Scribd-Unternehmen logo

The New Framework for Modern Data Privacy and Security

Als PPTX, PDF herunterladen
S
Sara Goodison

A new framework is required to ensure privacy and control data. In this webinar, Cyral is pleased to host privacy engineering expert Nishant Bhajaria -- Head of Technical Privacy, Engineering and Architecture for Uber, and former privacy leader at Google, Netflix, and Nike -- in a discussion with our CTO Srini Vadlamani on the 4 core components of a modern data privacy and security architecture.

Ingenieurwesen
1 von 26
1 The New Framework for Modern Data Privacy and Security
2 Agenda Dealing with data security at scale A new framework: Discover, Classify, Segment, Enforce How Cyral can help Q&A Online Retail App Example
Introductions 3
4 Introductions Nishant Bhajaria Head of Technical Privacy, Engineering & Architecture Uber Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
The Data Cloud Security Challenge 5
6 Digital Growth Initiatives are Driving Adoption of the Data Cloud Continuous Development • Quickly deliver new experiences • Exponential increase in data Data Democratization • Become a data driven business • IT not the single gateway to data Infrastructure as Code • Platform interoperability • Heterogenous data services
7 Data is growing at an unprecedented rate
8 Personalization leads to massive incremental increase in data Transactions Web Behavior Mobile Activity Email Behavior Social Behavior Preferences Demographics 1% User Growth DataVolume 2-3X Data Growth
9 Data is now everywhere
10 Data is now everywhere I don’t know where my data is Am I collecting the same data many times over? Am I collecting the wrong data? 3rd party data sharing How do legal and product teams work together? How/when to leverage AI/ML and automation?
What is one to do? 11
12 Managing data security and privacy at scale DISCOVER CLASSIFY SEGMENT ENFORCE
13 Step 1: Discover 1 Tribal knowledge-based AI/ML based2 • Lack of a priori models • Training datasets hard to find • Tribal knowledge to get started LESSONS LEARNED • Co-opt both data platform and data science teams
Backend Team Frontend Team 14 Step 2: Classify Classify Minimize Collect Analyze LESSONS LEARNED • Use differential controls for sensitive data (e.g. location data) • Calibrate data collection • Is it the right amount? • Is it the right quality? • Get backend / frontend teams to collaborate
15 Step 3: Segment Policy as Code Engine LESSONS LEARNED • Decouple application code from policy engine • Policy as Code simplifies collaboration, versioning • Compliance / privacy teams own policies • Dictate data collection, storage, retention, access
16 Step 4: Enforce LESSONS LEARNED • Find a happy medium between complete lockdown and the wild west • Build classification/tagging first before enforcing using AI • Rotate / revoke / recertify encryption keys periodically • Time box sensitive data access • Anonymize / aggregate for analytics teams
Applying the Framework 17
18 Online Retail App Example Compliance Needs • Retention capped to order lifetime • Access limited to order fulfillment Business Analysis Needs • Buying patterns • Seasonality • App vs Website traffic
19 Online Retail App Example
How Cyral can help 20
21 Managing data security and privacy at scale DISCOVER CLASSIFY SEGMENT ENFORCE
22 Technology: Stateless Interception for Data Endpoint Requests Sidecars Deployed locally • Stateless interception of data requests • All data and logs remain private • Deployed by DevOps, no change to apps STRUCTURED AND SEMI-STRUCTURED DATA STORES TOOLS, USERS, APPS, SERVICES SaaS Control Plane Observe Protect Control
23 Security as Code Model 1 Deployment as Code Use existing workflows • DevOps deployment • Infra-as-Code model 3 Policies as Code Use existing source code tools • CI/CD integration • ChatOps model 2 Automated observability Use existing dashboards • API-first architecture • No learning curve
• The four-pillar framework to build trust and reduce risk • Discover: Identify where all your sensitive data is • Classify: Calibrate, analyze and minimize data being collected • Segment: Identify rules of access by co-opting compliance, product and business teams • Enforce: Control access using time-boxing, data anonymization and key rotation • Remember to • Exhaust tribal knowledge before starting with AI/ML and automation • Decouple writing and enforcing of security policies • Find a happy medium between complete lockdown and the wild west 24 Summary & Key Takeaways
Q&A 25
26 Q&A Nishant Bhajaria Head of Technical Privacy, Engineering & Architecture Uber Srini Vadlamani Chief Technology Officer, Co-Founder Cyral

Empfohlen

Data gravity unlock the value of your data with data aware storage
Data gravity unlock the value of your data with data aware storageData gravity unlock the value of your data with data aware storage
Data gravity unlock the value of your data with data aware storage
VLCM2015
 
Accellion SC Congress Chicago Presentation 2014
Accellion SC Congress Chicago Presentation 2014Accellion SC Congress Chicago Presentation 2014
Accellion SC Congress Chicago Presentation 2014
Proofpoint
 
2016 Network Security Outlook
2016 Network Security Outlook2016 Network Security Outlook
2016 Network Security Outlook
Western NRG
 
SoftAge ScanE
SoftAge ScanESoftAge ScanE
SoftAge ScanE
SoftAge Information Technology Limited
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
Gosia Fraser
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine Intelligence
Bit Stew Systems
 
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoTrustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Peter Bihr
 
festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...
festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...
festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...
festival ICT 2016
 

Empfohlen

Data gravity unlock the value of your data with data aware storage
Data gravity unlock the value of your data with data aware storageData gravity unlock the value of your data with data aware storage
Data gravity unlock the value of your data with data aware storage
VLCM2015
 
Accellion SC Congress Chicago Presentation 2014
Accellion SC Congress Chicago Presentation 2014Accellion SC Congress Chicago Presentation 2014
Accellion SC Congress Chicago Presentation 2014
Proofpoint
 
2016 Network Security Outlook
2016 Network Security Outlook2016 Network Security Outlook
2016 Network Security Outlook
Western NRG
 
SoftAge ScanE
SoftAge ScanESoftAge ScanE
SoftAge ScanE
SoftAge Information Technology Limited
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
Gosia Fraser
 
Solving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine IntelligenceSolving Industrial Data Integration with Machine Intelligence
Solving Industrial Data Integration with Machine Intelligence
Bit Stew Systems
 
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina TorinoTrustable Tech Mark / Magic Monday at Casa Jasmina Torino
Trustable Tech Mark / Magic Monday at Casa Jasmina Torino
Peter Bihr
 
festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...
festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...
festival ICT 2013: L’evoluzione della sicurezza verso la nuova era della Smar...
festival ICT 2016
 
Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile Analytics
Bit Stew Systems
 
Inventory of IoT slide sets
Inventory of IoT slide setsInventory of IoT slide sets
Inventory of IoT slide sets
Bob Marcus
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
JonesSmith7
 
Preventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero TrustPreventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero Trust
Sara Goodison
 
SharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
SharePoint Securely Moblized - webinar with Colligo and Bitzer MobileSharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
SharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
Bitzer Mobile, now part of Oracle
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...
JonesSmith7
 
xsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Engxsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Eng
Rob Christ
 
Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)
Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)
Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)
OnRamp
 
SouthData | Billing, Scanning, Networking | Print and Electronic Documents
SouthData | Billing, Scanning, Networking | Print and Electronic DocumentsSouthData | Billing, Scanning, Networking | Print and Electronic Documents
SouthData | Billing, Scanning, Networking | Print and Electronic Documents
Michael May
 
Immuta Overview - February 2016
Immuta Overview - February 2016Immuta Overview - February 2016
Immuta Overview - February 2016
John Sarazen
 
Digital Life of Things
Digital Life of ThingsDigital Life of Things
Digital Life of Things
Stan Nazarenko
 
Azure for Education Ktadeka UCL Cloud Event 2013
Azure for Education Ktadeka UCL Cloud Event 2013Azure for Education Ktadeka UCL Cloud Event 2013
Azure for Education Ktadeka UCL Cloud Event 2013
Lee Stott
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES.eu
 
5 questions to ask before bringing AI to your business
5 questions to ask before bringing AI to your business5 questions to ask before bringing AI to your business
5 questions to ask before bringing AI to your business
JOS Group
 
What is Cloud and what are the best practices?
What is Cloud and what are the best practices?What is Cloud and what are the best practices?
What is Cloud and what are the best practices?
IndSightsResearchSG
 
Content Collaboration - Prevent data loss in a global digital future
Content Collaboration - Prevent data loss in a global digital futureContent Collaboration - Prevent data loss in a global digital future
Content Collaboration - Prevent data loss in a global digital future
Axway
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)
ijcisjournal
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social Web
Boyd Neil
 
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth
 
dataEstate® - Reimagining data governance for the Legal industry
dataEstate® - Reimagining data governance for the Legal industrydataEstate® - Reimagining data governance for the Legal industry
dataEstate® - Reimagining data governance for the Legal industry
Morane Decriem
 
How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computing
David Strom
 
Driving Business Value Through Agile Data Assets
Driving Business Value Through Agile Data AssetsDriving Business Value Through Agile Data Assets
Driving Business Value Through Agile Data Assets
Embarcadero Technologies
 

Weitere ähnliche Inhalte

Was ist angesagt?

SharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
SharePoint Securely Moblized - webinar with Colligo and Bitzer MobileSharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
SharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
Bitzer Mobile, now part of Oracle
 
xsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Engxsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Eng
Rob Christ
 
Immuta Overview - February 2016
Immuta Overview - February 2016Immuta Overview - February 2016
Immuta Overview - February 2016
John Sarazen
 

Was ist angesagt? (20)

Driving IT Transformation with Agile Analytics
Driving IT Transformation with Agile AnalyticsDriving IT Transformation with Agile Analytics
Driving IT Transformation with Agile Analytics
 
Inventory of IoT slide sets
Inventory of IoT slide setsInventory of IoT slide sets
Inventory of IoT slide sets
 
Ijcis -->cfp
Ijcis -->cfp Ijcis -->cfp
Ijcis -->cfp
 
Preventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero TrustPreventing Data Cloud Breaches with Zero Trust
Preventing Data Cloud Breaches with Zero Trust
 
SharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
SharePoint Securely Moblized - webinar with Colligo and Bitzer MobileSharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
SharePoint Securely Moblized - webinar with Colligo and Bitzer Mobile
 
call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...call for papers - International Journal on Cryptography and Information Secur...
call for papers - International Journal on Cryptography and Information Secur...
 
xsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Engxsecutive infosec 2015 final Eng
xsecutive infosec 2015 final Eng
 
Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)
Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)
Himss 2016 Lunch & Learn: Data Security in IoT (and ePHI Risks)
 
SouthData | Billing, Scanning, Networking | Print and Electronic Documents
SouthData | Billing, Scanning, Networking | Print and Electronic DocumentsSouthData | Billing, Scanning, Networking | Print and Electronic Documents
SouthData | Billing, Scanning, Networking | Print and Electronic Documents
 
Immuta Overview - February 2016
Immuta Overview - February 2016Immuta Overview - February 2016
Immuta Overview - February 2016
 
Digital Life of Things
Digital Life of ThingsDigital Life of Things
Digital Life of Things
 
Azure for Education Ktadeka UCL Cloud Event 2013
Azure for Education Ktadeka UCL Cloud Event 2013Azure for Education Ktadeka UCL Cloud Event 2013
Azure for Education Ktadeka UCL Cloud Event 2013
 
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018 e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
e-SIDES workshop at EBDVF 2018, Vienna 14/11/2018
 
5 questions to ask before bringing AI to your business
5 questions to ask before bringing AI to your business5 questions to ask before bringing AI to your business
5 questions to ask before bringing AI to your business
 
What is Cloud and what are the best practices?
What is Cloud and what are the best practices?What is Cloud and what are the best practices?
What is Cloud and what are the best practices?
 
Content Collaboration - Prevent data loss in a global digital future
Content Collaboration - Prevent data loss in a global digital futureContent Collaboration - Prevent data loss in a global digital future
Content Collaboration - Prevent data loss in a global digital future
 
International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)International Journal on Cryptography and Information Security ( IJCIS)
International Journal on Cryptography and Information Security ( IJCIS)
 
Managing Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social WebManaging Data Breach Communication on The Social Web
Managing Data Breach Communication on The Social Web
 
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
SecureAuth & 451 Research Webinar: Connected Security - A Holistic Approach t...
 
dataEstate® - Reimagining data governance for the Legal industry
dataEstate® - Reimagining data governance for the Legal industrydataEstate® - Reimagining data governance for the Legal industry
dataEstate® - Reimagining data governance for the Legal industry
 

Ähnlich wie The New Framework for Modern Data Privacy and Security

Foundational Strategies for Trust in Big Data Part 3: Data Lineage
Foundational Strategies for Trust in Big Data Part 3: Data LineageFoundational Strategies for Trust in Big Data Part 3: Data Lineage
Foundational Strategies for Trust in Big Data Part 3: Data Lineage
Precisely
 
Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?
Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?
Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?
Denodo
 
Shedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingShedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File Sharing
CipherCloud
 
Technology Trends for 2019: What it Means for Your Business
Technology Trends for 2019: What it Means for Your BusinessTechnology Trends for 2019: What it Means for Your Business
Technology Trends for 2019: What it Means for Your Business
Precisely
 
Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...
Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...
Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...
mfrancis
 
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarDiscovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
Concept Searching, Inc
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
Uni Systems S.M.S.A.
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
AchSulav
 

Ähnlich wie The New Framework for Modern Data Privacy and Security (20)

How to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computingHow to make the move towards hybrid cloud computing
How to make the move towards hybrid cloud computing
 
Driving Business Value Through Agile Data Assets
Driving Business Value Through Agile Data AssetsDriving Business Value Through Agile Data Assets
Driving Business Value Through Agile Data Assets
 
Trust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erpTrust, security and privacy issues with cloud erp
Trust, security and privacy issues with cloud erp
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
Comprehensive Security for the Enterprise IV: Visibility Through a Single End...
 
Foundational Strategies for Trust in Big Data Part 3: Data Lineage
Foundational Strategies for Trust in Big Data Part 3: Data LineageFoundational Strategies for Trust in Big Data Part 3: Data Lineage
Foundational Strategies for Trust in Big Data Part 3: Data Lineage
 
Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?
Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?
Finding Your Ideal Data Architecture: Data Fabric, Data Mesh or Both?
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
 
Lecture 1-big data engineering (Introduction).pdf
Lecture 1-big data engineering (Introduction).pdfLecture 1-big data engineering (Introduction).pdf
Lecture 1-big data engineering (Introduction).pdf
 
Shedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingShedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File Sharing
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
 
Technology Trends for 2019: What it Means for Your Business
Technology Trends for 2019: What it Means for Your BusinessTechnology Trends for 2019: What it Means for Your Business
Technology Trends for 2019: What it Means for Your Business
 
[Sencha 엔터프라이즈 웹애플리케이션 세미나] BYOD - Sencha space
[Sencha 엔터프라이즈 웹애플리케이션 세미나] BYOD - Sencha space[Sencha 엔터프라이즈 웹애플리케이션 세미나] BYOD - Sencha space
[Sencha 엔터프라이즈 웹애플리케이션 세미나] BYOD - Sencha space
 
Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...
Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...
Mobile Middleware and Mobility in the Enterprise - Yad Jaura, Marketing Manag...
 
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World WebinarDiscovery, Risk, and Insight in a Metadata-Driven World Webinar
Discovery, Risk, and Insight in a Metadata-Driven World Webinar
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond Cyber
 

Kürzlich hochgeladen

VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
SUHANI PANDEY
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ssuser89054b
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
Epec Engineered Technologies
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
tanu pandey
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 

Kürzlich hochgeladen (20)

Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Hostel management system project report..pdf
Hostel management system project report..pdfHostel management system project report..pdf
Hostel management system project report..pdf
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
Hazard Identification (HAZID) vs. Hazard and Operability (HAZOP): A Comparati...
 
2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects2016EF22_0 solar project report rooftop projects
2016EF22_0 solar project report rooftop projects
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
22-prompt engineering noted slide shown.pdf
22-prompt engineering noted slide shown.pdf22-prompt engineering noted slide shown.pdf
22-prompt engineering noted slide shown.pdf
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equation
 

The New Framework for Modern Data Privacy and Security

  • 1. 1 The New Framework for Modern Data Privacy and Security
  • 2. 2 Agenda Dealing with data security at scale A new framework: Discover, Classify, Segment, Enforce How Cyral can help Q&A Online Retail App Example
  • 4. 4 Introductions Nishant Bhajaria Head of Technical Privacy, Engineering & Architecture Uber Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
  • 5. The Data Cloud Security Challenge 5
  • 6. 6 Digital Growth Initiatives are Driving Adoption of the Data Cloud Continuous Development • Quickly deliver new experiences • Exponential increase in data Data Democratization • Become a data driven business • IT not the single gateway to data Infrastructure as Code • Platform interoperability • Heterogenous data services
  • 7. 7 Data is growing at an unprecedented rate
  • 8. 8 Personalization leads to massive incremental increase in data Transactions Web Behavior Mobile Activity Email Behavior Social Behavior Preferences Demographics 1% User Growth DataVolume 2-3X Data Growth
  • 9. 9 Data is now everywhere
  • 10. 10 Data is now everywhere I don’t know where my data is Am I collecting the same data many times over? Am I collecting the wrong data? 3rd party data sharing How do legal and product teams work together? How/when to leverage AI/ML and automation?
  • 11. What is one to do? 11
  • 12. 12 Managing data security and privacy at scale DISCOVER CLASSIFY SEGMENT ENFORCE
  • 13. 13 Step 1: Discover 1 Tribal knowledge-based AI/ML based2 • Lack of a priori models • Training datasets hard to find • Tribal knowledge to get started LESSONS LEARNED • Co-opt both data platform and data science teams
  • 14. Backend Team Frontend Team 14 Step 2: Classify Classify Minimize Collect Analyze LESSONS LEARNED • Use differential controls for sensitive data (e.g. location data) • Calibrate data collection • Is it the right amount? • Is it the right quality? • Get backend / frontend teams to collaborate
  • 15. 15 Step 3: Segment Policy as Code Engine LESSONS LEARNED • Decouple application code from policy engine • Policy as Code simplifies collaboration, versioning • Compliance / privacy teams own policies • Dictate data collection, storage, retention, access
  • 16. 16 Step 4: Enforce LESSONS LEARNED • Find a happy medium between complete lockdown and the wild west • Build classification/tagging first before enforcing using AI • Rotate / revoke / recertify encryption keys periodically • Time box sensitive data access • Anonymize / aggregate for analytics teams
  • 18. 18 Online Retail App Example Compliance Needs • Retention capped to order lifetime • Access limited to order fulfillment Business Analysis Needs • Buying patterns • Seasonality • App vs Website traffic
  • 20. How Cyral can help 20
  • 21. 21 Managing data security and privacy at scale DISCOVER CLASSIFY SEGMENT ENFORCE
  • 22. 22 Technology: Stateless Interception for Data Endpoint Requests Sidecars Deployed locally • Stateless interception of data requests • All data and logs remain private • Deployed by DevOps, no change to apps STRUCTURED AND SEMI-STRUCTURED DATA STORES TOOLS, USERS, APPS, SERVICES SaaS Control Plane Observe Protect Control
  • 23. 23 Security as Code Model 1 Deployment as Code Use existing workflows • DevOps deployment • Infra-as-Code model 3 Policies as Code Use existing source code tools • CI/CD integration • ChatOps model 2 Automated observability Use existing dashboards • API-first architecture • No learning curve
  • 24. • The four-pillar framework to build trust and reduce risk • Discover: Identify where all your sensitive data is • Classify: Calibrate, analyze and minimize data being collected • Segment: Identify rules of access by co-opting compliance, product and business teams • Enforce: Control access using time-boxing, data anonymization and key rotation • Remember to • Exhaust tribal knowledge before starting with AI/ML and automation • Decouple writing and enforcing of security policies • Find a happy medium between complete lockdown and the wild west 24 Summary & Key Takeaways
  • 26. 26 Q&A Nishant Bhajaria Head of Technical Privacy, Engineering & Architecture Uber Srini Vadlamani Chief Technology Officer, Co-Founder Cyral