Data-centric security is an approach to data security that focuses on protecting the data itself – rather than the security of networks, servers, or applications that store the data. Data-centric security takes data context into account, prioritizing the data stores or datasets that contain sensitive information (e.g., credit card numbers). It aims to protect this data throughout its lifecycle and involves data discovery, classification, detection, and response.
A data-centric security model provides tools to identify the data stores that contain sensitive information, along with the means to strengthen the security posture of these assets – such as through access controls and policies, encryption, data masking, and static risk analysis. Newer solutions also focus on detecting risks to sensitive data in real time, such as a user taking a snapshot of a database containing customer details just before leaving the company.