State of Data Engineering Survey Reveals Data Security and Access Blind Spots
Challenges with scaling and managing data security and access are causing engineer burnout and impacting business outcomes, Immuta survey reveals.
Note: TDWI’s editors carefully choose press releases related to the data and analytics industry. We have edited and/or condensed this release to highlight key information but make no claims as to its accuracy.
Immuta announced the findings of its third annual State of Data Engineering Survey that highlights the top data engineering challenges and blind spots as organizations strive to become more data-driven. The findings show the tangible impacts of these challenges, including the fact that 89 percent of organizations report missing business opportunities because of data access bottlenecks.
The 2023 State of Data Engineering Survey, commissioned by Immuta and conducted by global technology market research firm Vanson Bourne, surveyed 600 data practitioners across the
U.S. and EMEA representing a variety of public and private sector companies.
The need for organizations to be data-driven is more critical than ever in today’s business environment. However, the survey found that this isn't yet a reality; organizations reported only using an average of 58 percent of their data in decision making. The report suggests that data security and access challenges are largely to blame, with most data professionals reporting a lack of visibility into data access controls and how they correlate with data security—90 percent admit they could improve their understanding of the association between the two.
More than half (54 percent) of respondents also reported that securing data with appropriate access rights is one of their biggest hurdles. Although almost 60 percent believe their organizations should be placing extra emphasis on data security, only 39 percent consider data access to be part of data security. This alarming disconnect between security and access negatively impacts data engineers’ daily lives, with 40 percent claiming that managing data access makes them feel burnt out.
“As data moves from on premises to the cloud, this clear disconnect between data security and access not only hurts organizations’ data-driven initiatives and business outcomes but also increases their risk of data leaks and breaches,” said Matthew Carroll, CEO of Immuta. “To better support data teams when it comes to bridging these disconnects, CISOs need to step in and become more of an enabler of the modern data stack. This will require security and data leaders to work more closely with their teams to prioritize balancing security and access effectively.”
Other key findings highlight additional challenges organizations face when optimizing data security and access policies, including:
- There is a lack of clear ownership of data policies. More than half (63 percent) of data professionals reported not having complete visibility over who has access to what data. Responses to which team is responsible for validating policy compliance with regulations also varied greatly between the IT team (40%), security team (14 percent), data team (14 percent), compliance team (12 percent), privacy team (12 percent), and legal team (9 percent), indicating the lack of a standardized process across organizations.
- Data policy complexity limits More than half (51 percent) of data professionals claim current data access control policies limit their ability to scale secure data access.
- Cloud migration is underway but resources are constrained. Despite data professionals expecting more than two-thirds (68 percent) of their data to live in the cloud by 2024, 41 percent reported that they don’t have enough people to manage or analyze their data, and 36 percent express concerns about having too much data.
- Legacy approaches to data access control are a roadblock to Nearly half (46 percent) of respondents reported that their organization’s current data access control policies make it difficult for people to do their jobs.
The full report is available here. (Short registration required.)