Data Security Posture Management (DSPM) defines a new, data-first approach to securing cloud data. DSPM is based on the premise that data is your organization’s most important asset. The proliferation of data in modern multi-cloud organizations is rapidly increasing risks of sensitive data loss or compromise. These risks make cloud data security the #1 problem for security stakeholders – especially those using legacy strategies for protection. DSPM charts a modern path for understanding everything that affects the security posture of your data. DSPM tells you where sensitive data is anywhere in your cloud environment, who can access these data, and their security posture. Following the guidelines and platform-based instrumentation of DSPM is the quickest way to keeping your organization’s data safe and secure. [1]

How the process of DSPM works

With Cloud, every file or data element can be easily shared with anyone around the globe. But this data can also be easily copied, duplicated, modified and shared. Imagine 100 variations of a redlined sensitive contract that needs to be protected, with each version containing different access privileges.

This presents some unique security challenges, which DSPM can effortlessly address with the right tools.

THere’s are the steps DSPM takes to improve an organization’s data security posture:

1. First, it must identify all the sensitive cloud data, from intellectual property to financial to PII/PCI/PHI.
2. Then, it gathers all the information about what data is being shared with whom, and tracks data lineage as it moves across the environment. Identifying where the data may be at risk is a crucial step, as it provides visibility into which data is being shared in accordance with corporate security guidelines and where violations are happening. Typically, the DSPM will alert SOC analysts to provide actionable insights.
3. Finally, and perhaps most importantly, DSPM can remediate those issues as they are happening. For example, it might fix access control issues or permissions. Or, it may disable sharing a sensitive file with a third party that should not be shared. [3]

References:

1. https://normalyze.ai/what-is-dspm/
2. https://www.gartner.com/reviews/market/data-security-posture-management
3. https://concentric.ai/a-technical-explainer-on-data-security-posture-management-dspm/

Cite this article:

Gokula Nandhini K (2023), Data Security Posture Management (DSPM), Anatechmaz, pp.88