In my previous post, I talked about the needs that operational teams have to control and protect data. I’d like to expand more on that perspective. Technology vendors spend a lot of time courting CISOs, but the people on the other side — the ones who have to stand up and operate new technology — are just as relevant. You need to think about the problems they’re trying to solve, and how they can solve them more easily.
I’ll start with a couple of cloud-based use cases that ops teams care about, really important problems around data protection and control that people are trying to solve today.
- From a control perspective, simple data retention presents a huge problem. There’s a desire to consolidate sensitive records and encrypt the drives where the records are stored, but even if you classify the records — to differentiate HR and finance, operations and engineering — your retention solution is not going to do a good job of managing access controls that limit specific HR users to only accessing HR-classified data. It also won’t enforce retention policies that control the length of time you need to retain that data.
- From a protection perspective, let’s say that cost and performance factors are driving you to store sensitive application data in the cloud. You might encrypt the data from your own prem, send it through a secure tunnel, and encrypt at rest, but at the cloud destination, you have to change keys. The unprotect/reprotect operation might only take 50 milliseconds, but for a highly-regulated organization, that’s just too much risk. To make sure this data stays protected, you may never get the chance to realize those costs or operational benefits.
Both of these challenges could be met with Ionic MachinaTM, which combines attribute-based policy controls with a key management service. Machina can control and protect any data type stored in any repository; it programmatically handles retention policies and encryption operations.
But in order to really appeal to operational teams, it needs to be easy to use, both for the developers who are going to write to it and the IT teams who are going to deploy it.
Developers can get started with Machina in a few minutes, and it only takes a few lines of code to call the SDK. That’s a great way to run a small POC to test out a solution before investing resources in it.
When you’re ready to move forward, IT can purchase Machina directly from something like AWS Marketplace. This blog covers how to choose the right package and walks you through the pretty painless onboarding process.
Because not every company has a development shop to get the full benefit of Machina across all the applications they use, I’d like to close this post out by making an appeal to other SaaS vendors who offer solutions that solve a wide variety of business needs. The same things that make Machina easy to use for an enterprise make it easy for other vendors to build control and protection into their offerings.
Regardless of what kind of problem you’re solving, your customers want their data to be handled securely. Security can be a differentiator, and you don’t have to build it yourself. Join the Ionic partner ecosystem and make your own applications a win for the operational and security teams who will have to support them in the long term.
Jimmy Baker, senior director of operations at Ionic Security, has over 25 years of experience in analyzing and implementing technical business requirements to lead high-performing operational and IT teams.