Secure access to sensitive data in #Confluent and achieve least privilege across the enterprise with Veza's 250+ integrations. 👉 https://bit.ly/3zGfG61 #cybersecurity #cloudsecurity #identitysecurity
By the way, one additional thing that I want to point out is that the IGA is to govern access— the access that allows you to impact CIA of data so understanding data lifecycle is critical. I saw that Veza and some other new IGA vendors are already getting into grant level governance of data lake houses like Snowflakes and Databricks. A lot of people think of Kafka and Enterprise Service Buses as as integration platforms and not data repositories. Often time we care about data at rest and data in transit but forget about data in use. While Kafka is not a data at rest repository but to prevent event loss, it does persist data temporarily and after managing DevOps of one of the largest consumer of Kafka in a previous life, that temporary storage could be days if not weeks and therefore the access rights to production Kafka become critical for data governance also Question I want to ask Veza is why to do access control at Confluent level and not at the access model available in open source Kafka so that any and all implementations of Kafka will benefit from it? Does Confluent provide significant enhancements in delegated administration and fine grained entitlement model that it requires a unique solution?
Product Strategy, Product Management, Cybersecurity, CISO, Cyber Executive, SaaS DevOps, FinOps, Security, Sales Consulting, Alliances, Partner, Technical and Sales Enablement
1moWhen it comes to project management, DevOps and CI/CD tools, does Veza has the preseeded SoD data that ensures that proper separation of roles and responsibilities between architects, developers, product managers, project managers, Risk managers, security champions, security custodians and SREs and administrators is maintained across all the toolset that jointly define the DevOps and CI/CD deployment? I think most deployments focus on their automation, collaboration, and efficiency-related capabilities and don't get to leverage IGA vendor leadership in enforcing the configuration management and change management hygiene. Having a cross-tool SoD rule set will go a long way in ensuring compliance to a lot of requirements in these areas that are paper-enforced and not formally monitored right now.