Exhibitor Press Releases

Subpage Hero

  

27 Sep 2022

How to Stay Agile and Compliant with Format-preserving Protection for Analytics

How to Stay Agile and Compliant with Format-preserving Protection for Analytics
GDPR, PCI DSS, Compliance, Big Data Analytics, CCPA

Cloud-based analytics offer a truly transformative opportunity for global organizations. By extracting insights from data, they are already helping companies better serve their customers, improve operational efficiencies and make better business decisions. It’s a fast-track to higher revenue, lower risk, improved productivity and enhanced customer retention. Yet when data is stored and managed in large volumes, there’s are significant risks involved, not least in compliance terms.

Compliance officers might think the best way to solve these problems is by forcing project owners to anonymize or mask their data, or even to not use sensitive data at all. Of course, this would defeat the purpose of data analytics. Instead, organizations can be smarter, by applying format-preserving protection.

A patchwork of regulations

The EU General Data Protection Regulation (GDPR) moved the dial on data protection laws when it was introduced back in 2018. Not only does it apply extra-territorially, meaning organizations outside the bloc must follow its rules if they process data on EU citizens, but it has since spawned numerous copycat laws across the globe. Not only did it grant consumers (data subjects) new powers of their own personal information, it placed at times onerous new obligations on data processors. Large potential financial penalties of up to €20m or 4% of global annual turnover were intended to make boardrooms sit up and take notice.

Many similar laws around the world have followed suit, just as the California Consumer Privacy Act (CCPA) has inspired legislators in other US states. But what that means is a patchwork of regulations which global organizations must navigate if they want to truly tap the benefits of cloud-based analytics without risking serious penalties. Data on customers, partners and employees must be adequately protected as it flows across different databases and applications on-premises and into the cloud. Only a comprehensive and continuous audit of all of this entire data landscape will do.

Yet the challenge is that each new tool added to the IT infrastructure will increase complexity and demand more personnel and time to successfully manage audits. And many data protection approaches fail because they don’t have continuous visibility and control in cloud environments, or across all data types.

Data-centric security

Data-centric security offers a more intelligent way to manage the compliance challenges related to cloud-based data analytics. There are three primary goals:

  • Put your data warehouse and analytics environment out of scope for PCI DSS. This would help to reduce associated costs. (A comforte customer reduced security compliance scanning by 30%)
  • Ensure that your data warehouse and analytics environment is compliant with privacy regulations such as GDPR. This would help to reduce project risk and accelerate the adoption of new tools and technologies
  • Ensure that any privacy solution you deploy is sustainable and future proofed. This would help to speed time to market and the enrolment of new applications for future projects. It could also reduce costs if capabilities are consolidated on a single vendor. (A comforte customer simplified its security architecture, with the associated benefit of 16.8m).

To achieve this, organizations must look to technology vendors like comforte, which offers:

  • Continuous discovery of sensitive data, no matter where it is
  • A variety of end-to-end format preserving protection (eg: tokenization, format-preserving encryption) which ensures data can be used in analytics projects
  • A single, unified solution which enables centralized management and enforcement of policies for all current and future projects and applications
  • Simple, streamlined integration of any data source, ensuring data is safe not just at-rest and in motion, but also when it is used or shared

The key is to apply data-centric security before data is ingested into cloud analytics systems, by first discovering all data, identifying sensitive elements and then adding protection. This means no sensitive information will be stored in the cloud and compliance risk is minimized. With technology like comforte’s platform, organizations have the agility to optimize their use of data without running the risk of non-compliance—not just today but as technology and regulations evolve over time.

Loading

Partners

Knowledge Partner

  • BICSI
  • BICSI

News Distribution Partner

  • AiSP
  • ACN Newswire
  • Arc Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Finetech Assosciation of Hong Kong
  • Accelerating Asia
  • co-creation lab
  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • CSCIS
  • ISACA
  • La French Tech
  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Singapore Chamber of E-Commerce
  • Smart Asia India
  • Forrester

Associate Content Partner

  • ACN Newswire
  • Uptime Institute

Strategic SEO Partner

  • Uptime Institute
  • AdVantage

Strategic Event Partner

  • ISC2
  • Frost & Sullivan

Event Partners

  • CREST
  • ADPT

Event Partners

  • ISACA
  • DailyTech

Event Partners

  • OT-ISAC
  • Cloud Security Alliance

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • CSCIS
  • La French Tech
  • ASME
  • ERMA

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech
  • CHIME

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India
  • Crest

Media Partners

  • AdVantage
  • ACN Newswire
  • APAC CIO
  • APSM
  • Asia Blockchain Review

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • CryptoNewsZ
  • ComputerWeekly.com
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO

Official Partner Hotel

  • MBS

Held In

  • SG

Supported By

  • SG