Protect Sensitive Data in the Cloud Before or Immediately After it Lands with Zero Interruption to Business Process or Analytics

AWS is emerging as a critical platform as CIOs look to shift increasingly more applications to the cloud. Recently though, the press has been full of high profile sensitive data leaks and configuration errors.

Don’t let basic human errors open your organisation up to public mistakes or fines, simply protect the data itself. If the protection follows the data, protected data can be used by some analytics “as is,” then it can flow even more freely. Minimally, the protected data should be able to move to a different platform and hope to be unprotected there, based on centrally managed policies. The Protegrity Data Security Gateway for Amazon S3 Package or the Protegrity Big Data Protector for Amazon EMR Package can enhance the level of security on your most sensitive data quickly and easily.

  • Designed, developed, and tested in partnership with Amazon
  • Enhance data security for Amazon with simplified management and optimized performance
  • Apply protection and unprotection at strategic junctures of data flow
  • Utilized Separation of Duties with central policy management
  • Protect data at rest, in use, and in transit
  • De-identify and protect sensitive data. Only unprotect close to human consumption by authorized users
  • Centralized governance, auditing, alerting, and reporting

Bad guys are using your employees with privileged administrative access to get into your data warehouse, through phishing and other forms of social engineering. Simply using encryption to provide only coarse-grained protection does not provide enough risk mitigation to respond to today’s internal and external threats. Instead it makes sense to adopt two principles:

Segregation of Duties
To avoid conflicts of interest, those that need to see sensitive data in the clear should not be able to control access rules. Conversely, those that manage the data should not be able to view particularly sensitive data fields in the clear.

Least Privilege
Business users should only see sensitive data that they need to perform their role (a “need to know” basis) and nothing more.

Protegrity helps you protect all data flowing into the platform while allowing that only authorised users with a legitimate need can see sensitive data.

Ask an Expert

Connect with us today for a no-obligation consultation or to speak with a security expert.