NonStop Insider

job types

Site navigation

Recent articles



For monthly updates and news.
Subscribe here
NonStop Insider

How to Stay Agile and Compliant with Format-preserving Protection for Analytics



comforte new 2018


Cloud-based analytics offer a truly transformative opportunity for global organizations. By extracting insights from data, they are already helping companies better serve their customers, improve operational efficiencies and make better business decisions. It’s a fast track to higher revenue, lower risk, improved productivity and enhanced customer retention. Yet when data is stored and managed in large volumes, significant risks are involved, not least in compliance terms.

Compliance officers might think the best way to solve these problems is by forcing project owners to anonymize or mask their data or even not use sensitive data at all. Of course, this would defeat the purpose of data analytics. Instead, organizations can be more innovative by applying format-preserving data protection.

A patchwork of regulations

The EU General Data Protection Regulation (GDPR) moved the dial on data protection laws when it was introduced in 2018. Not only does it apply extra-territorially, meaning organizations outside the bloc must follow its rules if they process data on EU citizens, but it has since spawned numerous copycat laws across the globe. Not only did it grant consumers (data subjects) new powers of their personal information, it placed, at times, onerous new obligations on data processors. Hefty potential financial penalties of up to €20m or 4% of global annual turnover were intended to make boardrooms sit up and take notice.

Similar laws worldwide have followed suit, just as the California Consumer Privacy Act (CCPA) has inspired legislators in other US states. But that means a patchwork of regulations that global organizations must navigate if they want to tap the benefits of cloud-based analytics without risking severe penalties. Data on customers, partners and employees must be adequately protected as it flows across different databases and applications on-premises and into the cloud. Only a comprehensive and continuous audit of this entire data landscape will do.

Yet the challenge is that each new tool added to the IT infrastructure will increase complexity and demand more personnel and time to manage audits successfully. And many data protection approaches fail because they don’t have continuous visibility and control in cloud environments or across all data types.

Data-centric security

Data-centric security offers a more intelligent way to manage the compliance challenges related to cloud-based data analytics. There are three primary goals:

To achieve this, organizations must look to technology vendors like comforte, which offers:

The key is to apply data-centric security before data is ingested into cloud analytics systems by first discovering all data, identifying sensitive elements and then adding protection. This means no sensitive information will be stored in the cloud, and compliance risk is minimized. With technology like comforte’s platform, organizations have the agility to optimize their use of data without running the risk of non-compliance—not just today but as technology and regulations evolve over time.

Discover, classify, and protect sensitive data as prescribed by PIPL, GDPR and beyond.

Agile data security solutions are required to keep up with the constantly changing scope of data protection laws. Click the button below to download the Solution Brief about our Data Security Platform and learn how to discover, classify, and protect sensitive data in the cloud, on-premises, or both.

Download Solution Brief