With organizations moving to become data led, one cannot ignore the many vulnerabilities created by the usage, storage and proliferation of data. The flow of data creates the business need to ensure its safety end-to-end.
With a barrage of regulatory and compliance requirements for Banks and Financial services (PCI, POPI, AML etc) protection of data as a key asset becomes a profound need. This includes who can see it, who can use it and who can process it.
A business exists as a result of its customers. Any compromise or breach would mean possibly being out of business.
If you look at the speed at which instructions are computed and how technology has evolved at the rate of Moore’s Law – so criminals and their infrastructure has also evolved.
Algorithms and key management that is almost impossible to crack require a multi-faceted approach with constantly changing keys within the hierarchy of keys. Hacking or any sort of intrusive malware renders data useless if it’s encrypted.
People now become your point of failure but multi-disciplinary approaches to security with encryption and different roles and responsibilities with a savvy architecture resolves this issue.
Making sure that your data is secure, locked and available to registered users is fundamental to privacy and unauthorised access.
Data is now becoming an asset to organizations as they are able to derive predictive behaviour (AI) on their customers based on the many data sources available. This creates a new complexity as data is now made available to larger business audiences. It makes sense to ensure various levels of encryption available to manage this behaviour.
Customers place their “TRUST” in a corporation to protect their personal and financial information. This trust is based on an understanding that the corporation has the best protocols to ensure, integrity.
So what happens when this TRUST is broken…You get disillusioned customers whose data has been compromised and possibly used in fraudulent activity. Impairments and losses that could compromise a sound business and create extremely negative publicity and could lead to customers reacting by going elsewhere.
There are many encryption solutions available on various platforms, what is unique about pervasive encryption Hassem Prag offers.
Large scale applications with millions of lines of code require people to manage, maintain and innovate. Can you imagine people now trying to find out where in the code must I insert the APIs for encrypting data. Some organizations may have a few I/O modules but those that don’t are in serious pain.
The timelines to implement will take years. Our experience with PCI has shown how not to do things.
Pervasive implies “being everywhere” so pervasive encryption allows for encryption to happen without any application changes…this takes a project from years to 90 days, which is more our line of thinking. Incremental scaled agile delivery with outcomes being visible all the time.
At Hassem Prag we deliver incremental scaled agile delivery with outcomes being visible all the time.
by Jay Prag