2024 State of Data Security Report
We asked 700+ data professionals about their responsibilities, challenges, and outlooks on data security. See what they told us.
Today’s data engineering teams face various challenges wrangling massive volumes of data, dispersed stakeholders with competing priorities, and distributed data architectures. But of all these variables, which is the most taxing?
In this blog, we’ll delve into the most common data engineering challenges as reported by 600 data engineers, and how to address them in order to remove barriers and unlock innovation.
What are Today’s Most Common Data Engineering Challenges?
The Data Security and Data Access Disconnect
There’s a fine line between data security and data access. The two terms are not interchangeable, but data access is beneath the data security umbrella:
- Data security encompasses the processes and technologies that protect sensitive data from malicious access, alteration, disclosure, or leakage throughout its life cycle.
- Data access refers to the controls that allow users to access and use data for authorized purposes.
The data engineering survey found that 90% of respondents say they could improve their understanding of data access versus data security. Just 39% believe that data access is even a component of data security.
Misalignment between data security initiatives and data access controls makes effective sensitive data protection much harder to achieve. It leaves organizations vulnerable to leaks, breaches, insider threats, and other risks.
This is especially true when migrating data to the cloud. More than half (54%) of data engineers report that securing data with appropriate access rights is among their biggest challenges. Left unaddressed, this issue will continue to grow alongside cloud data usage.
Data Access Policies That Can’t Scale
Each new user onboarded to a cloud data ecosystem requires access and security policies governing which data they can see. Depending on the types of access control applied, this responsibility is highly burdensome for data engineering teams.
RBAC (role-based access control) requires new policies to be created and applied for every new data user. This leads role explosion and an excess of hyper-specific and static access control policies, all of which must be manually maintained.
Over two-thirds (69%) of survey participants report spending an average of 6-10 hours per week responding to, managing, and resolving data access issues – up to 480 hours per year.
[Read More]: RBAC vs. ABAC for Data Access Control Use Cases
For modern data stacks, manual access control policies are simply not scalable. More than half (51%) of data engineers say their existing policies limit their ability to securely scale data access. This not only burdens engineering teams, but it limits effective business-driving data use. A whopping 89% of respondents say their organization has missed business opportunities due to data access obstacles.
A Lack of Data Security Resources
As with any trade, the right personnel and tools are essential to success. Unfortunately, the lack of resources – skilled, robust teams and effective technologies – is a common data engineering challenge.
As massive amounts of data are moved to the cloud, the resources needed to secure and manage it aren’t scaling proportionally. Almost half of survey respondents claim that their data and IT teams are understaffed and do not have enough people to manage their data – and 36% believe that their teams have too much data to handle.
Saddling engineers with additional responsibilities and not prioritizing adequate support makes it difficult to attract top talent. Over a third (39%) of respondents report feeling burnt out to the point that they’d consider finding another job. And with only 26% of companies investing in automated data access tools to lighten this load, it’s likely that burnout will only get worse.
How to Address Data Engineering Challenges
Whether it’s a disconnect in data access policy implementation, unscalable frameworks, or increasing levels of burnout, the top data engineering challenges are generally traced back to one source: inefficient data security.
To address these challenges, you need to streamline data access and security processes. It is essential that all stakeholders are aligned, and that policies are implemented and managed efficiently. Adopting an automated data security platform helps close gaps and unify data access and security initiatives.
Immuta’s Data Security Platform automates scalable data discovery, security, and data monitoring. A plain language policy builder allows you to write and understand policies, regardless of technical expertise. This provides transparency about the relationship between data security and data access.
To address scalability issues, Immuta’s attribute-based access control (ABAC) provides highly flexible policy enforcement. ABAC policies are based on user attributes like geography, time and date, clearance level, and purpose, instead of singular roles like traditional RBAC policies. Most importantly, policies determine context-aware decisions at query time, meaning that data engineers no longer need to serve as manual gatekeepers for each and every user access request.
By reducing the burden on engineers, clarifying access initiatives, and compliantly securing data, a data security platform allows you to overcome these common data engineering challenges. To see how it works for yourself, request a demo with our team today.
