Doug Wick is Vice President of Product at ALTR. ALTR’s Data Security-as-a-Service platform brings simplicity to the control of sensitive data consumption. Our cloud-native approach extends zero trust to the SQL Layer, stopping credentialed access threats and SQL injection attacks in their tracks. ALTR implements query-level observability, detection and response over any datastore in a matter of days, not weeks or years, and brings a new level of protection across any enterprise’s modern data architecture.
Could you share the genesis story behind ALTR?
Hackers are the obvious culprit in data breaches, but they are too often helped by human error. In many ways, this year has been the worst on record. The likes of Marriott International, Estee Lauder, and of course Zoom, have had incidents involving both private and business data.
These constant reminders of data insecurity have been all too familiar to ALTR since the very beginning. With backgrounds in algorithmic options trading, where maintaining secure data custody is vital, our CTO James Beecham and other founders had a unique view into the problem and they decided to solve it.
Data security has been dominated by big companies like IBM and Microsoft. They use obsolete approaches that all have one thing in common—they were never created for the cloud. Infrastructure is more and more disconnected from the data that runs through it, and the old ways are being superseded by new approaches.
Prevention, detection and resolution has been successfully extended to the cloud and offered as an automated service—called Security-as-a-Service or SECaaS—by companies like Okta and Splunk. ALTR has stepped in to fill the data-security gaps with DSaaS or Data Security-as-a-Service.
What was it that inspired you to join the ALTR team?
I’ve been in the tech industry for around 20 years, starting as an engineer and later running businesses and building teams from serving as a CEO to leading marketing, product management, and customer success. I love working in technology and it’s been my good fortune to have seen up close a lot of big changes as technology has evolved through disruption waves.
While the timing and characteristics of these waves is not always easy to predict, the patterns they follow are often recognizable. For instance, the breakthroughs that gave rise to the internet were followed by new applications that altered entire markets. When I first got a look at the technology that ALTR has developed, it reminded me of the waves of change I’ve seen in the past.
We need a stronger data security model that is built for the cloud era, and is ready for the next wave of technological innovation. ALTR DSaaS is designed for the future, and that’s what inspired me to join the company.
Can you discuss how ALTR’s technology is used to secure enterprise data?
ALTR integrates data security natively into applications at the SQL layer, directly between users and the data itself. Offered as a cloud-ready service, it works in “Zero Trust” data environments, stopping credentialed access threats and SQL injection attacks in their tracks.
Application makers and IT teams can quickly and simply build data security directly into applications via a smart database driver or API service. As a result, data security goes wherever the application goes. For example, if you embed on-prem and move to the cloud, then your entire data security and governance model goes with you..
This not only reduces the time and cost involved in protecting data, but it also eliminates much of the complexity of implementation and maintenance because IT can actually pick-and-choose how to consume the ALTR service by selecting how data is governed and protected at a fine-grained level. It also gives them the ability to quickly detect and respond to internal and external threats to data as they happen.
What are some of the issues with how current enterprises protect data?
Traditional data security measures, which focus on access privileges, are implemented into the infrastructure that the data uses. But that doesn’t tell us anything about what, where and how people are using data. Instead, we have to assume someone isn’t who they say they are and ensure that data access requests flow through checkpoints that keep a watchful eye and offer tight mechanisms of control
ALTR starts by making it easy for security leaders, and the makers of the applications we use, to embed data security into applications themselves. It’s like putting smart safety technology into cars on a highway. That way, those applications can go anywhere, on any road—even a road in the cloud—and still be safe.
By doing this, we also provide visibility into data flows. This kind of observability recognizes abnormal patterns when data consumption exceeds preset thresholds, or access to data is outside normal parameters for a user, and limits or stops any abnormal usage of data in real time. This is similar to how a credit card provider blocks an account and contacts the cardholder when payment activity looks suspicious.
Most companies assume that data stored in a cloud data warehouse (CDW) is safe, yet your views differ on this. Can you explain your mindset behind the cloud and how it can be a liability for cybersecurity?
CDWs like Snowflake and Amazon Redshift can safeguard user permissions and protect at-rest data, and regulating initial access to a CDW is easy enough with single sign-on (SSO) providers like Okta.
However, there are big gaps around data access governance. CDWs do not offer control over data consumption, and because their entire infrastructure is virtualized, traditional measures such as data-loss prevention (DLP) or endpoint protection around the data stack aren’t workable. It’s tempting to fall back on older technology such as a proxy, but that diminishes performance and still leaves data vulnerable to attack.
The best approach is a query-level solution that works in parallel with the CDW itself—one that’s abstracted, elastic, and is not connected to the infrastructure. ALTR DSaaS provides both governance over data access and observability into the context of data consumption without compromising the flexibility, speed, and scalability of a CDW.
Moreover, by putting data access governance and protection within applications, DSaaS keeps you from getting siloed into old security paradigms. Whether you want to move to a new data center, or just grant permissions to an existing user with a new laptop, DSaaS makes enforcement of pre-existing data policies much simpler.
You’ve stated that this type of security is the future of cybersecurity. Could you define what that means and what makes it so powerful?
In the past, data access has been defined by who is trying to access it. However, in a remote, cloud-driven world—protected by a patchwork of complex and disparate identity systems—it’s easy for the bad guys to pose as someone they are not.
Data needs to be handled more like how money is accessed with a debit card. It’s not about who has the debit card in their hands, but rather understanding spending habits and alerting the cardholder, or even blocking transactions, when activity looks suspicious.
ALTR handles data the same way, by making security part of the core design of an application. This is a big change because it lets IT do what it does best, which is optimize infrastructure around cost, delivery, efficiency and innovation, without the responsibility for securing data. And it lets CISOs implement access governance policies on a fine-grained level, without worry about changes to infrastructure like migration to a cloud or hybrid IT configurations.
Could you discuss some of the different solutions that ALTR offers for both keeping data secure and keeping data private.
ALTR’s DSaaS service allows developers and security leaders to embed data observability, access governance, and at-rest protection natively into applications at the layer where data requests and data flows take place. This is done through smart drivers and APIs which create seamless connections to existing networks—it’s both practical and scalable. The result is that data is far more resilient to most types of failure and attacks, including insider threats.
It’s a model that works well for almost every pervasive data store—including those built on industry-standard SQL—such as Snowflake, Oracle Database, Microsoft SQL Server, IBM DB2, Apache Cassandra, MySQL, PostgreSQL, and Amazon Redshift. Data consumption auditing and policy-related events can also be sent to enterprise SIEMs and external security clouds and visualization tools, like Snowflake and Domo, to further understand and learn from data consumption behavior and make smart changes, for instance, in access governance policies.