Marriott International, Facebook, Target and Uber — what do these companies all have in common? They’ve all been victims of data breaches in the past 10 years. If you pay any attention to the news, you know that data breaches, hacking and identity theft are very real threats, and there’s a lot at stake for businesses.
As more companies across industries realize how important it is to protect their data, they’re making online security a more formal business priority.
What is Data Security?
Every year, identity management company Okta, which allows users to log into multiple applications using one ID and password, releases its Businesses @ Work report, highlighting the most popular and fastest-growing workplace tools. The report is created using data from thousands of companies and more than 100 million registered users on the Okta platform.
It’s no surprise that, last year, collaboration tools like Slack and Zoom topped the list, as remote work has become increasingly common.
But the 2020 report revealed another pattern. Data protection and online security apps, including the data warehouse company Snowflake, and data monitoring company Splunk, were among the fastest-growing apps of the past year. Snowflake topped the list with 273 percent growth, year over year, meaning they had the highest number of customers who had deployed their app through Okta over the past year, as well as the highest number of active unique users.
As remote and flexible work continues to grow, and as breaches and hacking remain a threat, organization leaders are realizing they have to do more to protect their employees, their data and their business.
Security and Data Protection as a Business Priority
For online security experts, the trend toward data protection and user authentication isn’t all that surprising.
“Being in the security industry, you see some of these trends in security early on,” said Diya Jolly, chief product officer at Okta. Companies want to enable remote work, they want to enable the ability to work from mobile and they’re moving to cloud apps, she added. “They need to figure out how to securely provide access to everything.”
The Okta report stated that, because work is becoming more flexible, the line between personal and work is blending, and the traditional “perimeter” of online security within an office is disappearing. Many companies are migrating from network-centric authentication requirements, which typically requires logging into a system through a VPN, to a people-centric approach, which gives system permissions based on login credentials.
“The fact that the industry is actually putting the largest amount of emphasis on securing people was very interesting to see,” Jolly said of the report. The report found 42 percent of Okta’s customers now have a people-centric security solution, compared to 24 percent three years ago. It also showed that two apps focused on protecting email against phishing attacks, KnowBe4 and Mimecast, were among the most-adopted security tools this year. More users are enabling two-factor authentication — despite the fact that “123456” remains the most popular password.
“Tools that help protect organizations at the individual user level are even more important as those users have become the access points to that valuable data,” Jolly said. “People security is at the top of everyone’s mind.”
“People security is at the top of everyone’s mind.”
Another reason apps like Snowflake have skyrocketed in popularity is because the massive increase in company data has made it harder to manage. Snowflake stores company data but also encrypts it, compresses it and distributes it. They process data queries and provide cloud services like authentication as well, adding an extra layer of security. Snowflake recently raised $479 million in new funding, bringing its total valuation up to $12.4 billion.
“The products and services that are out-performing their peers, and that includes any industry or vertical, are all products or services that are leveraging data,” said Christian Kleinerman, SVP of product for Snowflake. “The companies that are succeeding and coming out ahead are all data-driven.”
Because we live in such a connected world, Kleinerman continued, and things like data breaches have been shown to be real threats, it becomes even more rewarding to a bad actor when they get access to someone’s data.
“You should protect your data as you would protect anything else that is of utmost importance to your company,” he said. “That’s what’s really behind this trend.”
Continuous Data Protection
Snowflake protects customer data by taking on responsibilities that traditionally fell to IT departments. Through their Continuous Data Protection (CDP) feature, the platform prioritizes the security of their own data environment, which means their customer data is protected as well. The feature protects data through encryption, authentication — they can restrict or grant access to users based on IP address — and by maintaining historical data. It defends against software and hardware failure, malicious activity and human error, making it recoverable in the event of intentional or accidental corruption.
Snowflake doesn’t offer threat detection as a stand-alone product. But they’ve received so many requests for access to their internal threat detection software, called Snow Alert, they decided to open-source a large part of the framework.
Snowflake recently launched a partnership with Salesforce that will allow customers to access data between the two platforms. While Kleinerman couldn’t reveal much about the deal yet, he did say the goal is to give customers easier access to data across both services.
“We understand that our consumers want to make decisions based on their data but also based on data from other products,” Kleinerman said. “The partnership is about making data from Salesforce as simple and seamless as possible within Snowflake.”
Jolly is also a believer in tech organizations joining forces, particularly when it comes to security and data protection solutions.
“We [Okta] are obviously super focused on security,” she said. “But the only way we will enable all these technologies, make them ubiquitous and move them forward is if we solve data and security problems together.”