How does your pursuit of advanced analytics technologies affect your organization’s information security? Are you prepared to embrace a powerful, radical new technology to create harmony between the two? How can you protect your data while it is in use?

buzzword_salad.PNG

Like many businesses, you may have some data from one source or another that you believe can drive business value. You’ve done a good job so far keeping it encrypted in use and at rest, perhaps following the best practices described to you by your cloud storage provider. Now you’re ready to extract that business value and you’re starting to think about data in use. You’re probably looking at decrypting your data as a necessary prerequisite for doing something constructive with it, and in so doing you’ve introduced a vulnerability.  

This decryption step presents more financial liability than is obvious. Not only is there a risk of losing the data but you now need a bureaucratic apparatus to decide who should see this data and the decryption keys needed to create it. This is a data governance headache that costs billions of dollars every year as highly-paid and in-demand data professionals wait for a green light to do their job. There is a better way, one that is both more secure and more efficient because it eliminates the conflict between analytics and security.

It might be even worse than this, though. It is very likely (especially if you are interested in the new technologies attached to words like datascience, deep learning, or blockchain) you will need the help of external partners to extract this value. You are now looking at handing over your recently decrypted data to people outside of your organization and to some degree outside of your control. The lesson of history is that it will reflect on you if they lose it.

You need a technique for encrypting data in use and this is where Capnion’s Ghost PII can help.

An aerial view of the common relationship between consumers, primary data holders, and their analytics partners.

An aerial view of the common relationship between consumers, primary data holders, and their analytics partners.

Above and below are diagrams showing new and old data pipelines for interacting with your analytics partners. The one above is quite simple with unencrypted data turned over to the partner wholesale. Below is a new model that takes advantage of an emerging technology called homomorphic encryption - informally, this technology lets you analyze data while it is still encrypted (with no decryption!) to obtain an encrypted answer. In this new model, all data is encrypted until the very end when the primary data holder decrypts the insight, and only the insight, from their analytics partner.

An aerial view of a data flow model enabled by homomorphic encryption, with limited data encrypted at the very end.

An aerial view of a data flow model enabled by homomorphic encryption, with limited data encrypted at the very end.

Click here to continue reading about what Capnion has to offer and how we can help you both secure and exploit the value in your data. If you’ve read enough and you’re ready to start a conversation, feel free to contact us directly. You can also find general information about these technologies (and others) on our education page or blog.