Adoption of a Cloud Data Platform, Intelligent Data Analytics While Maintaining Security, Governance and Privacy
By Atalia Horenshtien (Director of Sales Engineering & Alliances at SecuPi) Hugo Sheng (Senior Director of Partner Engineering at Qlik) and Carlos Bouloy (Senior Solutions Architect - Technology Alliances at Snowflake)
“You cannot be the same, think the same and act the same if you hope to be successful in a world that does not remain the same.”
This sentence by John C. Maxwell is so relevant to rapidly changing cloud hosting technology. Businesses understand the added value and are looking at cloud technologies to handle both operational and analytical workloads. Yet traditional in-house data security solutions are not enough to address constantly increasing data privacy regulations and security requirements — especially now that the data may be hosted almost anywhere and accessed from almost anywhere.
The New Reality
Cloud hosting providers, along with the databases and applications that run on cloud-hosted infrastructure, do a great job of providing as good or better security controls as their prospective customers enjoy today on-premise. However, this is often not enough for many customers who need additional safeguards for PII/PHI data hosted in the cloud. Data privacy regulations are also not making life easier: ‘Protection by Design & Default’ and ‘Right of Access’ are just two such regulations, not to mention needing to be mindful of the level of access permitted certain kinds of users. There are privileged users with access to infrastructure (DBAs, SysAdmins) who shouldn’t see sensitive data, whereas there are users who are authorized to view that sensitive data. In short, users should be exposed to data on a "need-to-know" basis, irrespective of the tool they are using.
The Solution: Qlik, SecuPi and Snowflake
Qlik, SecuPi and Snowflake provide full coverage for data protection from ingestion to consumption. SecuPi enforcement points on Qlik Replicate can encrypt sensitive columns during the data loading process (while holding encryption keys on-prem or in any cloud Key Management System). Data remains encrypted from on-premise environment(s) until landing on Snowflake where the data is stored at rest encrypted. The same SecuPi enforcement points on Qlik Sense then ensure that the data is decrypted only when consumed back on-prem by authorized users. This Hold Your Own Key data protection model, invented by SecuPi, is used by some of the most regulated organizations to comply with CCPA, GDPR, HIPAA, and other financial services privacy regulations.
Curious to learn more? Read the full whitepaper.
