Koverse Unveils Zero-Trust Platform for Managing Data
Koverse, Inc., a unit of SAIC, has updated its software-as-a-service (SaaS) platform this week to provide customers with a zero-trust approach to managing data.
Version 4.0 of the Koverse Data Platform (KDP) adds a set of granular controls that limit which users can gain access to specific segments of encrypted documents.
Koverse CTO Aaron Kordova said KDP 4.0 is the first data management platform to make available attribute-based access controls (ABAC) to enforce zero-trust policies at both the dataset and record level. That approach makes it possible to limit access to sections of a document all the way down to the paragraph level, he said.
Other approaches to securing data require organizations to set up a separate data store for each class of permissions, Kordova added. In contrast, KDP uses the unique properties of each individual data element along with the attributes of each user to make an unlimited number of unique complex authorization decisions in real-time. Fine-grained, attribute-based authorization checks are applied to every data access request, so every team member sees only the data they need. Additionally, when data is initially loaded, access to a specific dataset or record—or even knowledge of its existence—can be restricted.
Based on software originally developed for the U.S. National Security Agency (NSA), KDP 4.0 is compatible with structured and unstructured data, batch and continuously streaming and classified and unclassified data generated from any source.
As many organizations shift toward zero-trust IT models focused on securing network access, Koverse is making a case for a zero-trust approach to data management. Even in a zero-trust approach, once end users are granted network access, not many organizations are able to enforce security policies all the way down to specific elements of individual data sets.
It’s not clear to what level most organizations intend to apply a zero-trust IT model, but Kordova said Koverse’s SaaS model is intended to make the core platform a lot more accessible to a wider range of organizations.
Eventually, many organizations will need to apply zero-trust IT policies all the way down to the individual data set level. The challenge is that IT teams don’t typically create data—most data is created by business users. Those business users often have better insight into the sensitivity of that data. IT and security operations teams need to find a way to collaboratively enforce security policies across the entire life cycle of each individual data set.
In the meantime, the volume of data that needs to be secured continues to grow exponentially. Of course, not all that data is top secret, but cybercriminals are adept at sifting meaning seemingly random bits of unrelated data collected from other sources over an extended period of time. One way or another, every piece of data is part of a larger puzzle that doesn’t need to be complete for IT and security pros to appreciate all the implications.
