What is Data Security Posture Management (DSPM)?
Author: Beth Laws
Release Date: 28/06/2024
DSPM is a term being used frequently throughout the Security world. DSPM stands for Data Security Posture Management and focuses on improving businesses' overall security stance when it comes to their data and compliance requirements.
Protecting company data and proprietary information is becoming increasingly complex for IT and Security teams, especially with more and more companies opting for cloud solutions. A good DSPM solution helps security teams gain visibility on the security stance of data stores, whether these are in the cloud or on-premise, and should provide answers to questions such as:
• How much of your data is sensitive?
• Is the data locked down enough?
• Who has access and what are they actually doing with that data?
These solutions should also help to prevent or remediate any security or compliance concerns.
Prevention
DSPM tools should help to prevent a data breach from occurring, and also help to minimise the damage an attacker could cause if they were to gain access to the network. Security teams need to be aware of where sensitive data lives and ensure that this is locked down appropriately to prevent any crucial data from getting into the hands of an attacker. A DSPM tool can assist with activity monitoring as well, so that attacks are detected as early as possible in order to mitigate any damage.
Post-Attack
Nowadays, it is not uncommon for an intruder to gain access to the network, and it can happen to any business. Because of this, it is important for a DSPM solution to help answer important questions after an attack has happened, so that the business can understand what damage has been done.
Post-attack, the following questions may need to be answered:
• What data did the intruder touch and is this data sensitive?
• What did the intruder do with this data?
• How did the intruder gain access to the network?
• What measures can be put into place to prevent this event repeating itself?
Compliance
Many customers will require a DSPM tool to ensure compliance with vital regulations. Most businesses will undergo audits, having to prove their compliance with data laws and regulations. Audit logs and reports proving that access controls ensure only the right people have access to data will be required to demonstrate compliance. A platform which has tools like this, and dashboards to highlight which data is subject to such regulations, can make Security and Compliance Officers’ roles a whole lot easier.
Varonis - a Brilliant DSPM Solution
If you’re someone who is familiar with Varonis, you’ll know this is a great DSPM tool as Varonis has always been very much focused on the data side of security. Varonis covers a wide range of on-prem data stores, SaaS and IaaS applications, including Microsoft 365, Salesforce and Windows file shares. Furthermore, Varonis can also scan and classify data in databases.
Once installed, it classifies any sensitive data and monitors permissions and any ongoing data activity across Cloud and on-prem data stores. In addition to this, DLP policies can be enforced, as Varonis can set up automatic rules to remove any excessive permissions, and add or correct any Purview classification labels with the assistance of its own data classification engine.
Varonis now offers a new dedicated DSPM dashboard to give Security teams a high-level overview of DSPM risks, helping CISOs to know where to focus their efforts when improving security posture.
Varonis has threat detection capabilities. It has built-in threat models and employs user behaviour analytics, so you’ll be alerted to any unusual employee behaviour. And now, with Varonis being a SaaS application, customers have access to the MDDR service. This ensures Varonis’ team of cyber experts have eyes on your alerts 24/7, 365 days a year.
If you are looking for a DSPM solution and would like to try Varonis, please get in touch with us at Somerford Associates to get a FREE Varonis Data Risk Assessment.