Adoption of A Cloud Data Platform
Adoption of a cloud data platform, intelligent data analytics while maintaining Security, Governance, and Privacy
Atalia Horenshtien, Director of Sales Engineering & Alliances at SecuPi, Hugo Sheng, Senior director of partner engineering at Qlik & Carlos Bouloy, Senior Solutions Architect – Technology Alliances at Snowflake
“You cannot be the same, think the same and act the same if you hope to be successful in a world that does not remain the same”
This sentence by John C. Maxwell is so relevant to rapidly changing cloud hosting technology.
Businesses understand the added value and are looking at cloud technologies to handle both operational and analytical workloads.
Yet traditional in-house data security solutions are not enough to address constantly increasing data privacy regulations and security requirements. Especially now that the data may be hosted almost anywhere and accessed from almost anywhere.
The New Reality
Cloud hosting providers along with the databases and applications that run on cloud-hosted infrastructure do a great job of providing as good or better security controls as their prospective customers enjoy today on-premise. However, this is often not enough for many customers who need additional safeguards for PII/PHI data hosted in the cloud. Data privacy regulations are also not making life easier – ‘Protection by Design & Default’ and ‘Right of Access’, who has access to the keys and the need to distinguish between privileged users with access to the infrastructure (DBAs, SysAdmins) that shouldn’t see sensitive data, and users who authorized to view the sensitive data all present challenges. Users should be exposed to the data on a “need-to-know” basis, irrespective of the tool they are using, while denying Infrastructure providers any ability to view sensitive data.
The Solution – Qlik<>SecuPi<>Snowflake
Qlik, SecuPi, and Snowflake provide full coverage for Data protection from ingestion to Consumption. SecuPi enforcement points on Qlik Replicate can encrypt sensitive columns during the data loading process (while holding encryption keys on-prem or in any cloud Key Management System). Data remains encrypted from on-premise environment(s) until landing on Snowflake where the data is stored at rest encrypted. The same SecuPi enforcement points on Qlik Sense then ensure that the data is decrypted only when consumed back on-prem by authorized users. This Hold Your Own Key (HYOK) data protection model, invented by SecuPi is used by some of the most regulated organizations to comply with CCPA, GDPR, HIPAA, and other Financial Services privacy regulations.