Today’s business world is a data driven world – this is a truth universally acknowledged. But the data itself may not be so universal as some people would like it to be. However, they must understand that with complete accessibility, ensuring data privacy becomes a problem.
While there are a lot of ways to secure personal and company data that is not meant to be accessed by outsiders – it is far more difficult to do so when data has to be available for public use, at least to some extent. And asking data owners to share and allow using it doesn’t always work, either, as revealing interest in certain datasets is bad for some businesses.
On your website, you talk about securing the Data Triad. Could you tell us more about this concept?
Enveil is focused entirely on protecting data while it’s being used or processed, what we call Data in Use. This is different from the more familiar types of encryption that protect data as it moves through the network or while it’s at rest on the file system. We think it’s helpful to think of the distinction between these three states of data – at rest, in transit, and in use – as three points of a triangle that we call The Data Triad. While all are important, Data in Use is the segment that is most frequently overlooked, in part because it’s a hard problem to solve but also because, until fairly recently, there was a lack of scalable, practical, commercial-ready solutions.
What are the issues that come up most often when dealing with large amounts of data?
When I think of the challenges associated with large datasets, I generally think about governance, access, and usability. Each is critical and foundational – before you can do anything else with data, you have to know what you have/where it is, who has access to it, and how it will be used. Security teams spend countless hours trying to solve these problems so that the rest of the organization can put the data to work.
Keeping up with data privacy requirements can sometimes be complicated. What details do you think are often overlooked by organizations?
There is sometimes a temptation to react to regulations by locking down data to the point it becomes unusable, which is really counter-productive. Data is only as valuable as the insights you can extract from it so while it’s important to ensure data protection, you cannot do it by sacrificing usability. When business functionalities are inhibited by the surge in privacy regulations, organizations need to look for solutions that can help them comply while also allowing them to get the job done.
Which industries do you think should put more attention towards securing and managing their data?
While I firmly believe data privacy should be prioritized in all organizations, it absolutely must be a focal point for any organization dealing with sensitive or regulated data. This could be sensitive customer data including healthcare or financial records, but also information that is sensitive to the business such as IP or other competitive intelligence. The modern digital business landscape relies on trust and data privacy is the foundation upon which that trust is built. Neglecting to prioritize it has the potential to damage your business in ways that run far beyond regulatory penalties.
Read the full interview at CyberNews.
