Information security is continuing to be one of the top priorities on the minds of business executives and leaders around the world. The threat of cyber attacks, hackers and ransomware are all contributing to an increase in the amount of time and money companies are investing to protect their most valuable assets, their data and documents.
Are cloud solutions safe and secure?
In addition, organizations today want to use Cloud storage and Cloud applications, so IT teams are seeking safe and secure environments in which to place their information. These environments must be scalable, flexible, robust and resilient, and organizations are starting to realize that Cloud solutions can bring all of these characteristics to the table. Privacy, risk and compliance teams however, are resistant to moving data into the Cloud, arguing that the risks associated with Cloud solutions typically outweigh any benefits.
Privacy Rules in Canada and the USA
Canadian companies need to keep in mind that even publicly available personal information is subject to a combination of Canadian privacy and residency laws such as The Privacy Act, The Personal Information Protection and Electronic Documents Act (PIPEDA), The Freedom Of Information And Protection Of Privacy Act (FOIPPA), and the recently approved Digital Privacy Act (DPA), Senate Bill S-4.
In the USA, laws such as the Foreign Intelligence Surveillance Act (FISA), or the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act), are applicable to companies within the United States.
Within the European Union (EU), privacy rules are even more robust. The General Data Protection Regulation (GDPR) is a regulation by which European Parliament, the European Council and the European Commission collectively designed policy to strengthen and unify data protection for individuals within the EU. The primary objective of the GDPR is to return control of personal data to citizens, and it addresses export of personal data outside the EU, which has become increasingly restricted.
A revolutionary solution to address information security
Is there a solution that addresses the requirements of information security and data residency for the three jurisdictions listed above? Yes, it’s called DataStealth.
At a high level, the DataStealth appliance is placed at the egress point of your infrastructure and inspects every element of your data on the way out, identifying and extracting private sensitive and/or confidential data discovered in the stream. On the return trip, at the ingress point to your infrastructure, the data passes through the DataStealth appliance again, and the original data is reinserted into the stream prior to presentation to the end user, but only for authorized users, and only for authorized use cases.What makes DataStealth so revolutionary is that DataStealth is truly plug and play, and is transparent to both end users and to Cloud providers. No app development is required. No code changes are required. No plugins (no API, desktop app, or browser plugin) need to be installed. No software or databases need to be installed and managed. In addition, there is no key management required at all.
Too good to be true? Definitely not.
Take a closer look at some of these assets to get an even deeper insight.
View the white paper, Data Residency: A Guide for Data in the Cloud
View this video to learn more about DataStealth's strategy to protect your data.
Contact Sentia today to learn more about how DataStealth can help secure your most valuable data and documents, address compliance and regulatory requirements, and reduce the scope of your annual PCI audit.
Allan Kennedy
Senior Account Executive, Sentia
Find me on LinkedIn