Build-in and turn-on security upfront and by default.
I had the opportunity to speak with Ron Bennatan, Founder and CTO of jSonar, the database security and compliance platform.
Data repositories are where data is queried and analyzed. jSonar provides security for these data repositories including auditing, compliance, and process.
Ron’s customers can be overwhelmed with compliance requirements. They want preventive security controls, they want help moving to the cloud more quickly and securely with the controls that monitor security baked into the solution.
During COVID-19, Ron is seeing more need for services in addition to security solutions. Companies want to ensure they have equivalent security in the cloud as they do on-prem. Everyone is trying to reduce costs with even more emphasis on costs in light of COVID-19.
60% of jSonar clients are in financial services - banks and insurance. Both typically have a mature security program; however, insurance companies tend to be earlier adopters of the cloud than banks.
Companies today have vast amounts of data to protect for business purposes as well as maintain privacy and meet compliance requirements around GDPR and CCPA. In order to do so, they need to know where the data resides and what they need to protect. There’s data on many different systems. Data discovery helps to provide an up-to-date data catalog.
jSonar handles three primary use cases: protection, discovery, and compliance. The 4.2 release extends its expertise beyond data monitoring, auditing, and security by adding an AI-powered “Learn from Me” system to help users classify, label, map, and manage sensitive data.
The focus of security used to be on scanning but the effort required to sustain it over time is high. jSonar’s “Learn From Me” system uses AI machine learning models to build institutional knowledge so future scanning takes less time. By analyzing previous scans, subsequent scans can just look at what has changed since the previous scan. After 3 or 4 scans, the model will learn and do the scanning to classify risk, identify false positives, and reduce workloads from three weeks to one day.
The biggest concern is that it’s too hard and expensive to do good database security. It must be easy enough for a company with just 5,000 employees to just turn it on. Enable people that are cloud-only to just turn on security. Everything on the cloud is standardized - accessible to anyone that cares to be safe.
This release simplifies security by providing pre-built database security playbooks. The playbooks are collections of procedures that users can run in response to various events, either as part of an automated process or when human operations can trigger orchestrated processes. They enable users to respond to outliers, anomalies, and threats, as well as automate communication about these events to the proper team members. Pre-built playbooks reduce the time required to write code into tools for new detection and response procedures. Unlike traditional SOAR solutions, this approach is specifically focused on integrations and actions critical to database risk management.
Users can customize playbooks to automatically respond to threat events specific to their environments. Users can create customized playbooks to integrate with security and non-security tooling. Database security best practices can be encapsulated into structured procedures within the platform to solve the challenges associated with the shortage of personnel with database security skills.
Ron suggests developers and enterprises change their mindset and think about security upfront. People building apps and migrating to the cloud need security baked in. Stop waiting for infosec to ask about security. Security in the cloud needs to be on by default with authentication. All security services should be on by default. At that point, security becomes a “no brainer” -- built-in by default.