Summary
As with all aspects of technology, security is a critical element of data applications, and the different controls can be at cross purposes with productivity. In this episode Yoav Cohen from Satori shares his experiences as a practitioner in the space of data security and how to align with the needs of engineers and business users. He also explains why data security is distinct from application security and some methods for reducing the challenge of working across different data systems.
Announcements
Hello and welcome to the Data Engineering Podcast, the show about modern data management
Join in with the event for the global data community, Data Council Austin. From March 28-30th 2023, they'll play host to hundreds of attendees, 100 top speakers, and dozens of startups that are advancing data science, engineering and AI. Data Council attendees are amazing founders, data scientists, lead engineers, CTOs, heads of data, investors and community organizers who are all working together to build the future of data. As a listener to the Data Engineering Podcast you can get a special discount of 20% off your ticket by using the promo code dataengpod20. Don't miss out on their only event this year! Visit:
dataengineeringpodcast.com/data-council (
https://www.dataengineeringpodcast.com/data-council) today
RudderStack makes it easy for data teams to build a customer data platform on their own warehouse. Use their state of the art pipelines to collect all of your data, build a complete view of your customer and sync it to every downstream tool. Sign up for free at
dataengineeringpodcast.com/rudder (
https://www.dataengineeringpodcast.com/rudder)
Hey there podcast listener, are you tired of dealing with the headache that is the 'Modern Data Stack'? We feel your pain. It's supposed to make building smarter, faster, and more flexible data infrastructures a breeze. It ends up being anything but that. Setting it up, integrating it, maintaining it—it’s all kind of a nightmare. And let's not even get started on all the extra tools you have to buy to get it to do its thing. But don't worry, there is a better way. TimeXtender takes a holistic approach to data integration that focuses on agility rather than fragmentation. By bringing all the layers of the data stack together, TimeXtender helps you build data solutions up to 10 times faster and saves you 70-80% on costs. If you're fed up with the 'Modern Data Stack', give TimeXtender a try. Head over to
dataengineeringpodcast.com/timextender (
https://www.dataengineeringpodcast.com/timextender) where you can do two things: watch us build a data estate in 15 minutes and start for free today.
Your host is Tobias Macey and today I'm interviewing Yoav Cohen about the challenges that data teams face in securing their data platforms and how that impacts the productivity and adoption of data in the organization
Interview
Introduction
How did you get involved in the area of data management?
Data security is a very broad term. Can you start by enumerating some of the different concerns that are involved?
How has the scope and complexity of implementing security controls on data systems changed in recent years?
In your experience, what is a typical number of data locations that an organization is trying to manage access/permissions within?
What are some of the main challenges that data/compliance teams face in establishing and maintaining security controls?
How much of the problem is technical vs. procedural/organizational?
As a vendor in the space, how do you think about the broad categories/boundary lines for the different elements of data security? (e.g. masking vs. RBAC, etc.)
What are the different layers that are best suited to managing each of those categories? (e.g. masking and encryption in storage layer, RBAC in warehouse, etc.)
What are some of the ways that data security and organizational productivity are at odds with each other?
What are some of the shortcuts that you see teams and individuals taking to address the productivity hit from security controls?
What are some of the methods that you have found to be most effective at mitigating or even improving productivity impacts through security controls?
How does up-front design of the security layers improve the final outcome vs. trying to bolt on security after the platform is already in use?
How can education about the motivations for different security practices improve compliance and user experience?
What are the most interesting, innovative, or unexpected ways that you have seen data teams align data security and productivity?
What are the most interesting, unexpected, or challenging lessons that you have learned while working on data security technology?
What are the areas of data security that still need improvements?
Contact Info
Yoav Cohen (
https://www.linkedin.com/in/yoav-cohen-7a4ba23/)
Parting Question
From your perspective, what is the biggest gap in the tooling or technology for data management today?
Closing Announcements
Thank you for listening! Don't forget to check out our other shows. Podcast.__init__ (
https://www.pythonpodcast.com) covers the Python language, its community, and the innovative ways it is being used. The Machine Learning Podcast (
https://www.themachinelearningpodcast.com) helps you go from idea to production with machine learning.
Visit the site (
https://www.dataengineeringpodcast.com) to subscribe to the show, sign up for the mailing list, and read the show notes.
If you've learned something or tried out a project from the show then tell us about it! Email
hosts@dataengineeringpodcast.com (mailto:
hosts@dataengineeringpodcast.com)) with your story.
To help other people find the show please leave a review on Apple Podcasts (
https://podcasts.apple.com/us/podcast/data-engineering-podcast/id1193040557) and tell your friends and co-workers
Links
Satori (
https://satoricyber.com)
Podcast Episode (
https://www.dataengineeringpodcast.com/satori-cloud-data-governance-episode-165)
Data Masking (
https://en.wikipedia.org/wiki/Data_masking)
RBAC == Role Based Access Control (
https://en.wikipedia.org/wiki/Role-based_access_control)
ABAC == Attribute Based Access Control (
https://en.wikipedia.org/wiki/Attribute-based_access_control)
Gartner Data Security Platform Report (
https://www.gartner.com/en/documents/4006252)
The intro and outro music is from The Hug (
http://freemusicarchive.org/music/The_Freak_Fandango_Orchestra/Love_death_and_a_drunken_monkey/04_-_The_Hug) by The Freak Fandango Orchestra (
http://freemusicarchive.org/music/The_Freak_Fandango_Orchestra/) / CC BY-SA (
http://creativecommons.org/licenses/by-sa/3.0/)