With the massive amounts of data organizations now ingest, store, and analyze comes a massive responsibility to monitor, manage, and protect it. Unfortunately, many businesses are functioning with little insight into how their data is stored and who is accessing it — and their overly complex data architecture can turn those challenges into
Frail security can lead to unnecessary risk, and if you are not in control of your data architecture, the next big compliance offender or data breach victim could be you. These risks — and the time and resources required to address them — make up part of a hidden tax on your innovation. We call it DIRT — the Data & Innovation Recurring Tax.
Our experts have identified 10 symptoms that can indicate your business is paying DIRT — read about them all in our white paper 10 Signs Your Data Infrastructure is Holding You Back, and check out Part 1 of this blog series.
Here, we highlight two signs of this innovation tax that are all about security.
Symptom #3: That last big data breach — or the next one — is on you
The more complex your data architecture, the more threat vectors you need to cover and the more complicated and time-consuming it becomes to maintain security. Each data store and application may have its own security framework and requirements — its own access controls, role definition, and login procedures. Each database may in turn be connected with multiple other technologies and vendors, further adding to the time and complexity needed to keep everything secure.
That’s a drag on your team: Some 30% of IT managers spend more than 16 hours a month just on patching, and 14% spend more than 48 hours a month. Often, it’s impossible to keep up: 42% of breaches are the result of an attack for which a patch was available but not applied, according to a Ponemon Institute study of IT professionals. On average, 28% of vulnerabilities remain unaddressed.
Our Solution:
With an application data platform, you have one set of database and data service components that share the same developer experience and the same underlying operational and security characteristics, making it a lot easier to defend. Organizations can use a single overarching security policy and implementation without having to reinvent the wheel every time someone has a new use case for the data. Maintaining audit logs and access is dramatically streamlined. You get both security and speed.
Symptom #4: Rampant data duplication makes compliance a nightmare
In a modern organization, every part of the business should have access to the data and insights that help optimize performance and meet customer demand. But most data is trapped in silos, each with its own formats, access, and authorization controls.
Attempts to address data silo issues often create their own web of separate niche data technologies, each trying to solve the problem. That can create a lot of data duplication — so even your IT leaders may not know who has copies of which data, or even how many copies there may be.
That’s obviously a problem for security reasons. It also makes it extremely difficult to comply with regulations such as GDPR and the California Consumer Privacy Act, or to respond effectively to audits. How can you tell your regulators exactly where personally identifying information sits, or where it has been, when you don’t even know how many copies exist?
Our Solution:
Eliminate silos in the first place by using an application data platform, which addresses many of the use cases that would otherwise spur teams to duplicate data. And, with MongoDB, you can federate queries across multiple sources so you don’t have to move data into different formats.
Our next installment will focus on your developers’ time, how it’s spent and the price you pay when they can’t find the time to develop and roll out best-in-class features.
For a complete view of DIRT, read our white paper DIRT and the High Cost of Complexity.