Data security vs usability: you can have it all

Growing up, were you ever told you can’t have it all? That you can’t eat all the snacks in one sitting? That you can’t watch the complete Back to the Future trilogy as well as study for your science exam in one evening? Over time, we learn to set priorities, make a decision for one thing over the other, and compromise. Just like when it comes to data access in business.

Enabling data access for end-users so they can drive insight and business value is a typical area of compromise between IT and users. Some may see it as a never-ending tug of war. Data access can either be very secure but restrictive or very open yet risky. Scott Adams aptly illustrated this in one of his Dilbert cartoons. As industry and data privacy regulation are increasing, organizations more often than not err on the side of security which frustrates end users, limits agility, and makes for longer time to insight and value.

Yet right now, perhaps more than ever before, organizations need to speed up their efforts to innovate and differentiate in order to become more data-driven. In a landscape where interactions with customers, partners, and employees are ever-more virtual, being able to quickly drive value from data becomes critical. Not just for improvement, but also for survival. The challenge is compounded as the data, from which insight is distilled, is exploding in volume and variety. Across the world, 5G networks are being rolled out, unleashing new real-time streams of data. Not a day goes by without virtual conversations, creating masses of unstructured data. Getting to value means delivering it to those who can make sense of it: the end-users.

Balancing security and useability

To be able to capitalize on this data storm, organizations must find a better balance between the security and usability related to data access. Founded in good data governance, three fundamental steps ensure access to data is both secure and usable. 

  1. Quickly onboard data. Making new data available to end-users as fast as possible is challenging due to the time it takes to understand the information and identify the appropriate data access policies. Provided new data is automatically classified and tagged, the right data access rules can be applied based on that data’s characterization.
  2. Multi-tenant data access. Attribute or tag-based data access (ABAC) policies ensure the same data can be presented to different users or groups in the appropriate format: as-is, obfuscated, or hidden. ABAC eliminates the need to copy data and while the propagation of classifications along data lineage delivers consistent data access rules for derived data.
  3. Safely expand data access. The combination of the previous two steps allows for organizations to safely expand data access to more data and analytics so users can make better, data-driven decisions faster.

Eliminate compromise with Cloudera Shared Data Experience

Cloudera Shared Data Experience (SDX), an integral part of Cloudera Data Platform (CDP), delivers consistent security and governance in public, private, and hybrid cloud. Its capabilities provide the key ingredients that let organizations eliminate the need to choose between security and usability. SDX’s Data Catalog classifies and categorizes data as it arrives, triggering the right access policies in Apache Ranger and tracks lineage in Apache Atlas. Both Ranger and Atlas are part of SDX’s data context layer, proving consistency across all of CDP’s deployments and analytics. SDX provides complete data governance which not only drives value and insight, it also identifies and manages sensitive data for industry as well as regulatory compliance, reducing security risk, and avoiding financial penalties.

In contrast to the Rolling Stones 1969 hit, with SDX, organizations can always get what they want: secure, usable data access that meets the needs of both IT and end-users. With no compromise required.

To learn more, register for our webinar: Security and Governance for Modern Data Management.

Wim Stoop
Director Product Marketing
More by this author

Leave a comment

Your email address will not be published. Links are not permitted in comments.