• Privacy Policy
Monday, February 6, 2023
Data Centre & Network News
ADVERTISEMENT
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact
No Result
View All Result
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact
No Result
View All Result
Data Centre & Network News
No Result
View All Result

Datacentric security: Understanding this approach

Carly Wills by Carly Wills
November 11, 2020
in Data
12 1
0
Share on FacebookShare on Twitter

By Trevor Morgan, product manager at comforte

The way in which our data is protected often means locking away any sensitive information until it is needed for a specific reason. Though this may be a good idea for some elements of data that aren’t needed, it also de-values data by limiting accessibility. Limited or no access to this data means you can’t use it to its full potential. Even when such data is locked away, it is not always guaranteed that it will be secure.  In this more traditional view, data is either locked away and unusable or unavailable for access; seemingly there is no in between.

Modern cloud applications contain vast amounts of sensitive data and are often linked to multiple devices. Look, for example, at Amazon Web Services. Many organisations are leveraging this cloud technology in some shape or form, and as these cloud services become more commonplace, more and more data is stored in them. Although this may seem like an innovative way to store data, human error is bringing the security of these systems down. Far too often, businesses upload their data and then forget about it, assuming that built-in security systems will be enough to protect the data from hackers and cybercriminals; in some cases, unfortunately, security isn’t even implemented. As we have seen time and time again, this approach is failing us. If a data breach were to happen, it is the owners of that data who are punished and pay the hefty regulatory penalty.

Fortunately, this problem has a clear solution. In order to secure data, we have to do just that – secure the data rather than the elements and environment around it. This is where data-centric security comes in to secure both the data as well as the perimeters that surround it. After all, what is the point of securing the vessel if there is a treasure trove of data left unattended inside for a well-versed hacker to come and take?

By adopting a data-centric mindset to secure information, businesses that process and store sensitive information can neutralise datasets. One way of doing this is to put a ‘token’ in place of sensitive information. In this way, organisations can fully protect the data, as the token becomes meaningless by outsiders. For example, if a business wanted to target a group of customers within the same location, then they could isolate this dataset under a location token. This method allows the data to be used in a productive way, while remaining secure in the event of lost or compromised information due to a misconfiguration. Indeed, even if a breach were to occur, the data would be meaningless and uninterpretable. This is what all businesses should strive for: ensuring total security of data while also protecting it from outsiders.

This is where the use of data tokenisation and encryption methods can have a huge impact. The combination of these methods allows organisations to freely use and manoeuvre their data while also enabling its security. Data that is tokenised can also be shared with third parties without the risk of revealing sensitive information, particularly in a low-trust environment. This includes cloud environments where data might be used in a dev-and-test approach, as well as data science environments where data is used for analytical purposes. Essentially, tokenisation and data-centric encryption allow for a secure migration to cloud while also minimising the risk and compliance at the same time.

Why use tokenisation?

The use of tokenisation has become popular within the CISO community because it complies with several critical regulatory frameworks including PCI DSS and HIPPAA. Consumers are also unknowingly using this technology on a daily basis, especially if they use payment services on their phones. This payment method essentially replaces any sensitive information such as card details with a token, keeping that information secure and yet still applicable. Evidently, this reduces the risk in payment environments that still facilitates quick and easy payment.

With these new, modern technologies, tokenisation and data-centric encryption can apply more traditional methods of restriction to almost any dataset that processes individual fields. That means it could be sensitive information like a US tax IDs, UK National Insurance Numbers or personal addresses. Basically, any piece of information deemed sensitive under CCPA and HIPAA can be replaced with a token and, as such, protected in an effective way. Additionally, as regulatory frameworks evolve this may be useful in protecting data that is unsecure.

A key benefit of using tokenisation is it can be scaled to fit the size of the dataset. Tokenisation can also be implemented quickly and efficiently, meaning you don’t have to open the applications and recode them. This approach to data security minimises time and effort and allows for a quick transfer into already existing environments. This need to be more data-centric in how we protect our data is driven by regulations like GDPR, which mandates that security is built into systems processing or holding consumers’ sensitive information. Tokenisation and other modern forms of data protection allow for businesses to truly protect important and sensitive data, enabling them to integrate privacy and security where needed most.

Share5Tweet3Share1

Related Posts

NAKIVO releases v10.8 with vSphere 8 support

NAKIVO releases v10.8 with vSphere 8 support

January 24, 2023
49
Aerospike connect

Aerospike releases Aerospike Connect for Elasticsearch

January 18, 2023
47
Yorkshire Water accelerates data innovation

Yorkshire Water accelerates data innovation

January 5, 2023
72
Kester Capital acquires majority stake in DC Byte

Kester Capital acquires majority stake in DC Byte

December 20, 2022
100
What can data professionals expect in 2023?

What can data professionals expect in 2023?

December 13, 2022
48
UK finalises deal with South Korea to help unlock millions in growth

UK finalises deal with South Korea to help unlock millions in growth

November 24, 2022
54
Next Post
Data and HR experts form pioneering ethics board to tackle misuse of AI

Data and HR experts form pioneering ethics board to tackle misuse of AI

Kao Data Partners with Vorboss, offering Specialist Low-Latency Connectivity for Fintech

Kao Data Partners with Vorboss, offering Specialist Low-Latency Connectivity for Fintech

ADVERTISEMENT
DRC’s first open-access data centre shortly to be operational
Data Centres

DRC’s first open-access data centre shortly to be operational

February 6, 2023
34
Data centres face three key challenges in 2023
Data Centres

Data centres face three key challenges in 2023

February 3, 2023
52

Head office & Accounts:
Suite 14, 6-8 Revenge Road, Lordswood
Kent ME5 8UD
T: +44 (0)1634 673163
F: +44 (0)1634 673173

Data Centres

DRC’s first open-access data centre shortly to be operational

February 6, 2023
34
Data Centres

Data centres face three key challenges in 2023

February 3, 2023
52
  • Privacy Policy

© 2023 All Things Media Ltd.

No Result
View All Result
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact

© 2023 All Things Media Ltd.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Cleantalk Pixel
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.