Data security and privacy anti-patterns
Who is this presentation for?
- CISOs, CIOs, CTOs, chiefs of data analytics, innovation officers, data analytics leads, legal and compliance professionals, data engineers, IT, and database administrators
Over the past four years, Immuta has worked to solve data security and privacy challenges across a heterogeneous set of customers and verticals—and very consistent anti-patterns have emerged, several of them, in fact. These are universally common mistakes made by the largest and the smallest companies, across industries and engineering talent levels. This is the definition of an anti-pattern—intuition tells you it’s a great idea until you implement it, and the blind spots take over.
Immuta has also found that anti-patterns can be culture defining. Some organizations don’t realize they even have a problem until the world changes underneath them: policies become more complex (think GDPR and the California Consumer Privacy Act [CCPA]) or the organization needs to be more data driven but analytical efforts are stymied. Defeating anti-patterns may also mean changing culture for the better. Realizing you have a problem is the first step to solving it.
Five anti-patterns have emerged. Steven Touw dives into those anti-patterns, but, in fact, spends more time solving them. The first anti-pattern is the data-policy snowflakes, where each database or application manages policies on its data in its own unique way—like a snowflake. This leads to mistakes, validation issues, fragility in managing the policies, and fear. It’s not recognized for data transfers within the organization, so analysis stops. Another anti-pattern is conflating who, why, and what, where role-based access control (RBAC) is bad and doesn’t provide the flexibility needed, and it results in “role bloat” in your identity management system. This bloat exacerbates runaway manual approval processes for data entitlements. The copy and paste dat-sharing method is when organizations think about data sharing as an ETL process, which is not scalable to a modern data privacy and security world, nor the fast past analysis world we live in. Start from scratch; rinse, repeat is an anti-pattern where you define all policies from scratch every time you need to share data; in other words, you’re deciding what to give the user from scratch for every use case. This is not scalable and leads to similar issues as the data-policy snowflakes. There’s also privacy engineering blunders, because privacy engineering is a nascent complex field with nonobvious pitfalls. This has been seen in the news with several privacy blunders such as the Netflix challenge. You’ll learn some of the most common and nonobvious blunders and some advances in privacy engineering, such as differential privacy.
For each of the five anti-patterns, Steven shares the problem and real-world examples and then dives into simple mitigation strategies to get back on track. You’ll leave able to accelerate your analytical initiatives without sacrificing legal and compliance guidelines.
- A basic understanding of data security architecture
What you'll learn
- Recognize if you have a problem with your current data security and privacy architecture
- Learn what simple steps to take to solve those problems and accelerate your data analytics initiatives that are stymied by these nonobvious anti-patterns
- Discover deeper knowledge of legacy security and privacy practices and modern scalable approaches
- Gain a better understanding of cutting-edge privacy engineering techniques, such as differential privacy
Steve Touw is the cofounder and CTO of Immuta. Steve has a long history of designing large-scale geotemporal analytics across the US intelligence community, including some of the very first Hadoop analytics, as well as frameworks to manage complex multitenant data policy controls. He and his cofounders at Immuta drew on this real-world experience to build a software product to make data security and privacy controls easier. Previously, Steve was the CTO of 42six (acquired by Computer Sciences Corporation), where he led a large big data services engineering team. Steve holds a BS in geography from the University of Maryland.
Comments on this page are now closed.
For conference registration information and customer service
For more information on community discounts and trade opportunities with O’Reilly conferences
For information on exhibiting or sponsoring a conference
For media/analyst press inquires