Where is my data at risk, and who should I call to fix compliance or security issues? Who has permission to access my data, and how are they using it? These are the questions that keep security and governance teams up at night. While the questions themselves are simple enough, tracking down the answers is quite complex using traditional security methods and tools. As I discussed with theCUBE’s Dave Vellante at RSA Conference 2023, that is the exact problem that Symmetry sets out to solve, with data security that simplifies the security process.
Security teams need simple security solutions to solve simple questions
Did a contractor access customer data?
It’s a simple question, with a not-so-simple answer in traditional security environments.
To answer such a question, staff must look through hundreds of configuration and event logs in multiple tools to determine if the data was encrypted, where it was stored when it was accessed, who accessed the data and when, etc. Unfortunately, the end analysis simply proves that the logs don’t exist. Even modern cloud-native organizations today have multiple cloud deployments, and these environments become very complex very quickly. Data can be stored in any number of services across various cloud environments. Often, the same company will have a data lake team working in one public cloud environment and a product team in another. Finding the answer to a simple question about data can take months. In this time, the organization is at risk of a compliance violation and/or a security breach.
Simple Security Begins with the Data
At Symmetry, we believe finding the answers about your data should be as simple as the questions themselves. It doesn’t matter where the data is stored—if it’s in BigQuery or AWS Redshift, in a production or development environment—organizations must be able to find and follow their data, and compliance with policies must be monitored and enforced consistently.
Until recently, organizations lacked the tooling to adequately secure and protect their data. We started Symmetry in 2019 because we care deeply about privacy. We want people like you and me to have agency over their data. The Symmetry technology was born from the award-winning Spark Research Lab at UT Austin. So, from the very start, we’ve had the expertise and experience needed to build data control and visibility directly into the infrastructure. Symmetry’s DataGuard DSPM enables organizations to find answers about their data directly.
How Symmetry’s DSPM Works
The Symmetry solution is agentless and crawls the customer’s cloud environment, finds and classifies data and, like a flight data recorder, monitors what is happening to the data all the time. Organizations can then build workflows on top, to ask questions like: did production customer data flow into a dev or staging environment? What data do I have, and where is my sensitive data? The platform is built to be extensible so that organizations can build organization-specific workflows – for example, label highly secret projects’ data without even the infrastructure team obtaining these details.
Symmetry Solves the Single-Point-of-Failure Scenario
SaaS is the typical delivery model for security startups in the cloud. It’s ideal for a startup, as they get all the data within their control to mine for insights. However, when organizations adopt a SaaS solution, the provider becomes a single point of failure for the data that it stores. At Symmetry, we made a commitment at the start to avoid becoming a single point of failure for our customers. Symmetry’s Dataguard DSPM is a service that is deployed directly into a customer’s cloud environment. We bundle everything into a virtual machine or a Kubernetes deployment, that can be shipped anywhere—to a public cloud, like AWS or Azure, or on-prem. This decision to deploy in the customer’s cloud and not take data out, has allowed us to quickly gain market traction within highly regulated industries where data visibility is a requirement to meet compliance mandates.
We have also been mindful of the pricing model for the Symmetry DSPM technology. SaaS solutions can rack up exorbitant prices when the organization scales. This can be a nasty surprise. We picked a simple, infrastructure-centric pricing model based on the size of the customer’s deployment. Customers are alerted before they run out of capacity, so they can prepare and avoid price increases when, for example, a lot of data is downloaded to the data lake.
The Future of Security—Start with Data
As organizations adopt the principle of zero trust to protect their IT assets, the focus is typically on the network pipe and limiting access via zero trust network access and SASE, for example. At Symmetry, we believe zero trust should be anchored around a company’s most sensitive and mission-critical data. Our DSPM technology is the very foundation of zero trust and it is the future of security.
Data security posture management enables security, privacy, and data teams to build security from the data out by focusing directly on data objects and examining a cross section of identity, data stores, and data flows to answer important questions like:
With Symmetry, security operations teams can improve their data security posture and protect against data security risks and threats.To hear the interview with theCube in more detail, click here. And if you’d like to learn more about data security posture management and why it is so important to the future of data security, check out our Why DSPM section.