The IT Nerd

Dasera today announced the release of The State of Data Risk Management 2024 report. The report unveils a significant disconnect between perceived and actual data security, with 63% of organizations believing their security measures are effective despite a record-breaking number of data breaches in the last year.

Dasera researchers analyzed how data risk perceptions and actual preparedness against breaches fluctuate across different industries and uncovered the nuances of data security ratings and an organization’s tangible preparedness for cybersecurity threats.

Key Findings:

Data Security Challenges 

• Top Threat Concerns: The top four threats concerning organizations are data breaches, ransomware, insider threats, and misconfigurations.

• Compliance Efforts: 72% of organizations use audits, in-house legal teams, compliance software, and external consultants to ensure compliance.
• Perceived Effectiveness: Most organizations view their data security strategy as effective, with 44% considering it somewhat effective and 19% rating it as very effective.

Adoption of Data Governance Tools

• Data Cataloging Tools: 27% of organizations have implemented data cataloging tools reflecting proactive data management and security measures.
• Data Hosting and Storage: 50% of data stores are cloud data platforms, signifying substantial cloud service adoption for data management.
• Monitoring and Access Control: 60% of organizations implemented a role-based access control system, showing the need for structured access management.
• Data Usage Tracking: 38% use manual and automated processes to classify sensitive data, showing the importance of accurate data categorization in enhancing security.

• Data Tagging and Security Principles: 58% describe their approach as effective, underscoring challenges in enforcing minimal access rights to secure sensitive data.

Industry-Specific Insights

• High Confidence: Information Technology and Financial Services show the most confidence in their data security strategies. 
• Challenges: The government sector faces more challenges and less confidence in its data security measures.
• Unique Observation: Interestingly, healthcare is the only industry where no organization rated its data security strategy ineffective.

The survey underscores the importance of adopting integrated and automated data security strategies to address significant challenges. The prevalence of manual, homegrown, often undefined processes and a lack of awareness and understanding among executives and departments highlight the critical need for strategic alignment and automation in data security.

To effectively navigate the complex and evolving data risk landscape, Dasera advises organizations to implement comprehensive discovery and classification, adopt a holistic data governance framework, leverage advanced monitoring and analysis tools, prioritize risk management and compliance, educate and train staff, embrace a zero-trust security model, and optimize security investments with scalable solutions.

To download the full report, visit https://resources.dasera.com/the-state-of-data-risk-management-2024-report.

Methodology

Dasera surveyed over 300 respondents from various sectors, including education, professional services, information technology, government, health and life sciences, and financial services. Larger organizations, particularly those in financial services and health and life sciences, rated their data security and governance practices more positively. In contrast, education and more minor organizations encountered more challenges, resulting in lower ratings. Despite high confidence levels reported amongst specific sectors, 2023 breach data from sources such as the Verizon Data Breach Report, Identity Theft Resource Center (ITRC), Kroll’s 2023 Data Breach Outlook Report, and Firewall Times report a record-breaking year for breaches, showing an apparent discrepancy between security breaches and an organization’s perception of its security posture.

Dasera has expanded its capabilities, securing sensitive data across multiple applications. With the inclusion of Microsoft 365, Dasera provides organizations with enhanced visibility into their data across OneDrive, SharePoint, and Teams, ensuring robust protection and governance.

The integration with Microsoft 365 represents a monumental step forward for Dasera, enabling a robust solution to identify and manage sensitive data within the suite. This enhancement optimizes privacy processes via Dasera’s powerful policy engine, facilitating efficient data discovery and management.

Dasera’s extension into SaaS applications introduces several key features:

• Unparalleled Visibility: Dasera identifies sensitive data within SharePoint sites and OneDrives, ensuring proactive risk mitigation.
• Comprehensive Risk Assessment: The platform identifies sensitive data shared via files in Teams conversations, ensuring end-to-end security.

Additional new features include swift and efficient data risk assessment, which enable organizations to:

• Get a Rapid Data Risk Assessment with Snapshots: Quickly pinpoints the identification and securing of sensitive information within AWS RDS data stores. This non-intrusive method is quickly deployed and ensures comprehensive security assessments without impacting performance or privacy policies. Snapshots empower organizations to swiftly understand and mitigate potential threats, bolstering data security seamlessly.
• Ingest Context from Anywhere: Expanding metadata enrichment capabilities, Dasera now ingests data tags from AWS, complementing existing integrations with GCP and Snowflake. This enhancement automates tag importation when connecting to any AWS data store, facilitating precise alerting and remediation.

Dasera continues to pioneer transformative advancements in data security and governance, ensuring organizations stay ahead in safeguarding their most critical assets.

Check out Dasera’s “What’s New” page to learn more about these updates. For more information on how Dasera helps organizations secure their full data lifecycle, read our white paper “Harness the Power of Data Security.”

Dasera, the premier automated data security and governance platform for data-driven enterprises, expands data security and governance coverage, empowering organizations to safeguard structured and unstructured data with precision and efficiency. Now with a comprehensive and seamless approach to securing unstructured data sources, Dasera is redefining the standards of data security. Unlike traditional models, its solution effectively bridges the gap across all data types and sources, ensuring consistent protection regardless of whether the data is on-premise or in the cloud. This expansive approach makes Dasera one of the few in the industry delivering such a broad scope of data security.

New product features include:

• Improved Risk Remediation for Applications Accessing Data 
  Dasera’s already extensive risk detection capabilities receive a boost with the ability to track risks associated with certain service account users. The platform now offers improved workflow enhancements, accurately disambiguating user actions and attributing risks to specific individuals, including those leveraging service accounts.
• Expanded Data Classification Support for Unstructured Data 
  Dasera expands its data classification capabilities, now providing unparalleled support for unstructured data sources, including the widely used Amazon S3. Businesses can now seamlessly discover and classify sensitive data from unstructured sources, broadening Dasera’s coverage and empowering customers to proactively protect their data.
• Data Classification for Images Leveraging AI 
  The latest update introduces the ability to classify sensitive data within images, including text and handwriting. Leveraging the power of AI, Dasera users can now identify unstructured data hidden in images, ensuring that no critical information goes undetected. This extension of coverage marks a significant advancement in data security for businesses handling image files.
• ‘Continuous Compliance Check’ Reporting 
  Dasera automates data security reporting with the introduction of scheduled PDF reports delivered directly to executives’ and stakeholders’ inboxes. This feature provides real-time visibility into data security risks, enabling key decision-makers to shift from ad-hoc audit surveys to always-on automated ‘continuous compliance check’.
• Streamlined Infrastructure Onboarding 
  Dasera now offers improved infrastructure onboarding capabilities through enhanced CloudFormation and Terraform templates. This streamlines the onboarding process for various data stores on popular cloud platforms such as AWS, Azure, and GCP. Customers can efficiently connect to their data infrastructure, saving valuable time and resources. (Dasera had launched Ski Lift for Snowflake customers during the Snowflake Summit in June.)
• Azure Tenant-Based Onboarding for Discovery at Scale 
  With the latest release, Dasera introduces Azure Tenant Based Onboarding, enabling customers to onboard their Azure Subscriptions at scale. This optimization accelerates the onboarding and discovery process for Azure users providing full visibility in a matter of minutes.

To learn more about these updates and how Dasera helps organizations protect their environment across the data lifecycle, visit booth SC202 at Black Hat or read Dasera’s whitepaper on how to Harness the Power of Data Security.

Dasera, the premier automated data security and governance platform for top-tier finance, healthcare, and technology enterprises, is thrilled to unveil “Ski Lift,” a complimentary platform exclusively designed for Snowflake users. With “Ski Lift,” Snowflake customers can gain a panoramic view of their Snowflake environment while scaling their data security and governance controls.

Key features of “Ski Lift” include:

• Find: Discover real-time insights into data security posture with automated classification and tagging
• Flag: Continuously monitor threats with risk detection from user access, data usage, and misconfigurations
• Fix: Auto-remediate security and compliance violations throughout the data lifecycle
• Flow: Experience rapid risk assessments, automated alerts, and self-service deployment

In addition, Dasera is proud to announce its partnership with the Snowflake Partner Network. By joining forces, Dasera and Snowflake empower customers to address the increasing need for robust data protection in today’s interconnected world. With advanced data security measures, comprehensive governance controls, and Dasera’s powerful query analysis engine, organizations can confidently leverage their data to drive insights, make informed decisions, and achieve their strategic objectives.

Dasera’s query analysis engine automatically finds, flags and fixes unsafe queries in data warehouses, helping organizations proactively address data security and compliance concerns. By identifying potentially risky queries, Dasera minimizes the risk of unauthorized data access, ensuring data integrity and maintaining confidentiality. With Dasera, organizations can unlock the full potential of their data while maintaining compliance with industry regulations. Attendees of the Snowflake Summit at the Caesars Forum Conference Center in Las Vegas from June 26-29, 2023, can visit Dasera at Booth 2941-A to explore this innovative solution.

Snowflake customers can sign up for a 45-day “season pass” to “Ski Lift” at the Snowflake Summit or by filling out the form here.

Dasera, the premier data security platform specializing in automated data security and governance solutions for top-tier finance, healthcare, and technology enterprises, today announced the appointment of Terry Hill as Chief Revenue Officer. With Dasera’s recent successful Series A funding, Hill will play a pivotal role in driving the company’s sales efforts, expanding its customer base, and fostering revenue growth to help Dasera reach the next stage of success.

Bringing over 25 years of experience in the technology sector, including notable roles as CRO at Orca Security and head of sales at Fastly, Hill has a proven track record of success. At Fastly, he played an instrumental role in the company’s growth journey, from a B Round start-up to a successful IPO, while holding leadership positions in sales, marketing, finance, and operations at AT&T.

Dasera’s data security platform fosters a culture of trust, collaboration, and innovation, creating data-driven environments. Its solution empowers organizations to unleash the full potential of their data confidently, maintaining a competitive edge in the ever-evolving landscape.

As the world migrates to the cloud, modern data security and governance teams grapple with data sprawl, generating exponential governance challenges, security issues, compliance violations, and data misuse. Today’s organizations require a comprehensive security and governance solution that proactively manages their data risk posture on-prem and cloud environments.

Dasera empowers organizations to harness their data securely, providing automated data security and governance controls for on-prem and cloud environments. Balancing data accessibility with minimized risk, Dasera offers contextualized visibility and understanding of the four data variables: Data infrastructure, data and its attributes, data users, and data usage. With real-time monitoring, an open platform standard that integrates and ingests context from any tool, and cross-functional workflows that streamline the incident response process, Dasera detects and remediates potential data misuse or leaks, ensuring safe and compliant data-driven decision-making.

As AI technologies like ChatGPT-4 continue to advance, companies will increasingly give in to temptation and rely on these tools for various tasks, including processing and analyzing sensitive data. Dasera’s automated data security and governance controls can help identify inappropriate usage of sensitive data – such as an analyst at a financial services firm using ChatGPT-4 to process customer financial records – enabling organizations to maintain visibility and control over their data assets, bolstering their overall data security posture, even in the face of advanced AI solutions and potential internal threats.

For a comprehensive understanding of Dasera’s data security platform, explore firsthand insights from our valued customer, Omada Health, or read their latest white paper to discover essential strategies for navigating the complexities of data management, culture, and security.

Dasera, the premier data security platform specializing in automated data security and governance solutions for top-tier finance, healthcare, and technology enterprises, proudly announces today that it has successfully raised $12 million in Series A funding, led by Storm Ventures. Additional participation from Correlation Ventures, Mighty Capital, Tau Ventures, Intuitive Cloud, and existing investors Sierra Ventures and Saama Capital brings Dasera’s total funding to $20 million. This investment will fuel product development, broaden market presence, and bolster customer support.

As the world migrates to the cloud, modern data security and governance teams grapple with data sprawl, generating exponential governance challenges, security issues, compliance violations, and data misuse. Today’s organizations require a comprehensive security and governance solution that proactively manages their data risk posture on-prem and cloud environments.

Dasera’s data security platform fosters a culture of trust, collaboration, and innovation, creating   data-driven environments. Its solution empowers organizations to unleash the full potential of their data confidently, maintaining a competitive edge in the ever-evolving landscape.

Dasera empowers organizations to harness their data securely, providing automated data security and governance controls for on-prem and cloud environments. Balancing data accessibility with minimized risk, Dasera offers contextualized visibility and understanding of the four data variables: Data infrastructure, data and its attributes, data users, and data usage.  With real-time monitoring, an open platform standard that integrates and ingests context from any tool, and cross-functional workflows that streamline the incident response process, Dasera detects and remediates potential data misuse or leaks, ensuring safe and compliant data-driven decision-making.

As AI technologies like ChatGPT-4 continue to advance, companies will increasingly give in to temptation and rely on these tools for various tasks, including processing and analyzing sensitive data. Dasera’s comprehensive data security and governance controls can help identify inappropriate usage of sensitive data – such as an analyst feeding proprietary or private customer data into AI tools, enabling organizations to maintain visibility and control over their data assets even when a few bad apples engage with advanced AI solutions.

For a comprehensive understanding of Dasera’s data security platform, explore firsthand insights from their valued customer, Omada Health, or read their latest white paper to discover essential strategies for navigating the complexities of data management, culture, and security. 

By Noah Johnson, Co-Founder & CTO, Dasera

No longer just a buzzword, companies have begun leveraging artificial intelligence (AI) to manage their data management lifecycles. AI has been increasingly adopted by companies across industries to help manage their data, and its use is expected to continue to grow. In fact, according to a survey conducted by Gartner, 37% of organizations have implemented AI in some form, and another 33% plan to implement it in the next year.

This adoption is because AI has proven to be effective in automating routine tasks and providing insights into data that can be used to make better business decisions. By leveraging AI, companies can ensure that their data is accurate, integrated, and stored in the most cost-effective way possible. Additionally, AI can help to improve data security by detecting and preventing data breaches and other security threats.

AI is a valuable tool for managing data throughout its lifecycle, and its use is likely to continue to grow as more and more companies realize its benefits. Here are some insights on the role of AI in data management:

• Data quality management: AI can automatically detect and correct errors and inconsistencies in data, ensuring that data is accurate and reliable, which is crucial for making sound business decisions.
• Data integration: AI can automate the process of integrating data from different sources, reducing the risk of errors that can occur when data is integrated manually and saving time.
• Data storage: AI can optimize data storage, ensuring that data is stored in the most cost-effective way possible, reducing storage costs, and improving overall data management efficiency.
• Data analysis: AI can automate data analysis tasks such as identifying patterns and anomalies in data, providing businesses with valuable insights, and helping them make better decisions based on the data they have.
• Data security: AI can detect and prevent data breaches and other security threats, for example, by monitoring network traffic and detecting suspicious activity that could indicate a cyber attack.

AI now plays a vital role in effectively managing data throughout its lifecycle, from data quality management to data security. Its ability to automate routine tasks and provide insights can help businesses improve their data management and stay competitive in a data-driven world.

Dasera, the leader in helping organizations operationalize their data governance programs, announced some of its Q2-2022 results today. Since its initial product launch in July 2021, the company has been growing exponentially, tripling the number of clients every quarter. The most recently acquired customers ranged from well-known startups to multinational corporations, with existing customers expanding their usage of Dasera’s platform after piloting the product.

Dasera reached a record number of new customers this quarter by closely working with the clients and better understanding their needs. Starting from positioning itself as a data security startup, Dasera transformed into a data governance company that prompts a cross-functional collaboration of the Security, Data, and Legal teams.

Following a slight expansion of the platform’s capabilities, Dasera delivered a better solution to its customers and experienced significant growth. The company’s customer list has tripled twice since the transformation to data governance. Such an observation signals a stronger product/market fit and proves the demand for tools that help operationalize data governance.

The second quarter of 2022 has been particularly successful for Dasera. The company closed nine new customers, ranging from financial services companies to multinational food corporations. In addition to showing the need across multiple verticals, Dasera was able to help clients solve critical problems in their data governance programs. Three example use cases follow.

A customer in the financial services sector was worried about improperly stored PII and turned to Dasera to solve the problem. Dasera automatically monitored PII in non-sanctioned locations, resulting in 100% of the data being properly classified and non-compliance events being detected immediately. The client was extremely satisfied with the results and expanded its license by four-fold this quarter.

In a second use case, a client in the software development industry was struggling with the speed at which the data access requests were processed and the ongoing inability to govern those requests after access was granted. Dasera’s solution created a single platform that provided all the necessary contextual information that enables a quicker decision-making process. The access requests were redirected to decision-makers through appropriate channels in a timely manner, accelerating the requests’ approval process by three-fold. In addition, the client now has the ability to automatically monitor these new access grants on an ongoing basis, to ensure that employees don’t inadvertently get access to more sensitive data due to data sprawl.

The third customer, a multinational food corporation, experienced a problem with inconsistent data tags within data stores. Before getting onboarded by Dasera, the customer was tagging data manually, resulting in inaccuracies and a lack of an accurate data inventory. Dasera improved tag coverage from 37% to 100% by using automated workflows instead of manual processing. As a result, the customer plans to expand its contract with Dasera by more than 6-fold next quarter.

The above-mentioned use cases illustrate Dasera’s customer-centric approach and dedication to solving clients’ pain points. With Dasera, clients can operationalize their data governance programs: they can have a real-time inventory of their data; automatically enrich their data with metadata; know exactly where it’s stored and how it’s used; continually govern their data; and keep their security, data, and compliance teams completely in sync.

Crater Lake: A New Major Release

Dasera regularly co-creates with its customers to deliver the most value possible. As a direct result of this customer input, Dasera is announcing the availability of its new Crater Lake 5.0 release. Crater Lake allows customers to identify and onboard key data decision-makers from the Security, Data, and Compliance teams, including Data Owners & Stewards; provides them with object-level data and user access visibility; and enables sharing context across the ecosystem with Dasera APIs. To learn more about the new release, visit their blog here.

Dasera, the leader in cloud data protection, today announced its new Mt. Rainier product release. This release fundamentally transforms how short-handed Security and Compliance teams collaborate with Data teams to scale employee access to enterprise cloud data.

The cloud continues to revolutionize the amount of data enterprises are storing and using. According to Cybersecurity Ventures, data stored globally will exceed 200 zettabytes (ZB) in 2025, with over 100 ZB of data in the cloud.

But Security and Compliance teams tasked with protecting data are already overwhelmed. Security teams don’t have sufficient context to know which data are sensitive and who should/shouldn’t have access. Compliance teams don’t have the technology to enforce compliance policies and have largely relied on manual, time consuming audits and self-attestations. Meanwhile, more employees need access to more data to make better decisions. The challenge of empowering employees while protecting data at cloud scale and cloud velocity has largely remained unsolved.

Until now.

Dasera built its Mt. Rainier release by working closely with its early customers. The Mt. Rainier release dramatically improves cross-functional collaboration and to better protect data at scale. The Mt. Rainier release incorporates tailored roles, interfaces, and customized workflows for Data and Compliance team members, all of which save time, streamline cross-functional coordination, and help to detect and eliminate risk as early as possible.

Dasera customers can see value in less than an hour, as Dasera immediately discovers all cloud data stores, and starts classifying all data fields. Security team members can leverage the expertise and knowledge of the Data team to review sensitive data classifications. Data team members can be automatically notified when new fields are discovered in their data sets, improving data quality and data protection. Compliance team members can use Dasera’s no-code policy editor to transform on-paper-only policies into tailor policies that trigger notifications when potential compliance violations occur.

The Mt. Rainier launch follows an eventful year for the company. Dasera achieved SOC II Type II accreditation, created a new Engineering Center of Excellence in India, and grew customer adoption by 100%.

Industry Recognition

Analyst organizations such as Intellyx recognize the growing need of data protection and that best-of-breed technology is addressing the gaps in existing approaches.

In addition, Dasera has won over 10 industry awards in the past year. Highlights include:

• Gold Winner of the Cyber Security Global Excellence Awards 2022: Structured Data Security and Data Security Solutions
• Silver Winner of the Cyber Security Global Excellence Awards 2022: Hot Security Technology of the Year
• Gold Winner of the 2022 Cybersecurity Excellence Awards for Cloud Data Security
• CRN Magazine named Dasera among The 10 Hottest Cloud Security Startups of 2021
• Winner of the 2021 Data Security Innovation of the Year: Cybersecurity Breakthrough Awards
• Global InfoSec Award – Most Innovative in Data Leakage Prevention in 2021: Cyber Defense Magazine