Often organizations have thought about setting security at their borders or boundaries, often thinking of firewalls as their primary security tool. While firewalls do help (quite a bit), they aren't the only tools that we need to ensure security. Those of us working with databases have known that things like SQL Injection mean that we need not only to be concerned about the client connection, but the data that is being moved as well.

One thing that has started to happen more is data being copied out of a single large database and into various other systems. These could be systems like warehouses or cubes, but data is also moving into other types of data stores, such as Power BI, which might be considered a new type of "edge" system. Certainly there are edge databases and replicated copies of things, but this means that our security needs to account for these new paradigms.

There was an article recently that talks about some of the challenges with the new world where we have lots of new devices connecting to our systems, and likely new applications that may move data around. I suspect that things like zero trust and new security by default practices will take some time to filter to many companies, but they will be important in the future. Criminals and hackers are getting better at quickly exploiting holes, so all organizations will feel some pressure to increase security in the next few years.

While encryption of our data is going to be important, the management of keys to access the data becomes the sticking point. I have yet to see any really good systems that don't require a lot of work, but there are good solutions in a connected world to ensure clients are validated before they are allowed to access data.

I'm hoping that we also start to see new ways for software developers to ensure data isn't being stored in local caches or files without some protection. We need to find ways to ensure that software developers adopt zero trust methodologies when they access and manipulate data in their applications. I also hope that more companies start to hold vendors accountable for strong security in their applications. With more and more access points to our networked systems, we need to ensure that all our software takes security seriously.