Data Cross-Borders In 2023
Cross-border data transfers allow software companies to provide new and innovative services to every sector of the economy – driving growth, enabling the technologies of the future, improving health and safety, and promoting social good. How can companies establish secured data operations and meet compliance with local and global data privacy and sovereignty regulations with regards to data cross-borders in 2023?
The Data Opportunity and the Data Risk
An almost incomprehensible amount of data is created every day, and each year, figures are growing at an ever-increasing rate. In fact, in 2023 120 zettabytes (or 328,767 Petabytes) will be created, growing to 181 zettabytes in 2025. The digital transformation to the Cloud offers organizations an unmatched access to business and operational insights, enabling growth and innovation.
Data collaboration offers organizations with various benefits such as:
- Facilitate growth & increasing revenue across multiple lines of business through efficient data processing and analysis.
- Expand within existing markets and penetrate new markets, leveraging global experience and data-collaboration.
- Reduce risks, costs, and inefficiencies across business operations.
- Improve customer experience, loyalty & brand value.
While these numbers and opportunity they represent are staggering, this means that tighter data governance, efficient access & processing control and data-security are becoming key part of any organization data-operations ensuring compliance with local and global data privacy and Sovereignty regulations.
Privacy Regulations Rapidly Expand, Becoming More Comprehensive
Data privacy laws globally are continuously expanding and enhanced with multiple countries regulations are being revisited in light of technology enhancement and associated security risks. Some examples include: ECHR, ePrivacy & EECC (EU); PIPEDA (Canada), PDPL (Saudi-Arabia), Digital Personal Data Protection Bill (India). In addition, the following are some of the top privacy laws addressing data Sovereignty & data cross-border.
- Australia’s amended Australia Privacy Act
- Brazil’s General Data Protection Law (LGPD)
- Japan’s Personal Information Protection Act (PIPA)
- Kenya’s Data Protection Act, 2019 (DPA)
- South Africa’s Protection of Personal Information Act (POPIA)
- South Korea’s Personal Information Protection Act (PIPA)
- Payment Card Industry Data Security Standard (PCI DSS 3.2.1/4.0)
The Risks of External Functions, Encryption Services & Key Sharing
Traditional solutions for data protection such as the use of an encryption service and external function fail to offer the required level of security and compliance:
- Organizations relying on using External Functions for encrypting/decrypting data on cloud analytics platform will face a variety of challenges when trying to change the schema, creating views and managing access to the views based on various attributes – a cumbersome, costly, resource-demanding and time-consuming effort that cannot scale.
- Furthermore, organizations using an External Functions are facing a severe security risk as the External Function can be invoked by the Cloud Account Admins, eroding SoD posture and are returning the clear-text data back to the Cloud analytics platform – which would not serve the purpose of the law.
Establishing Compliant, Secured Data Operations with Data Air-Lock
SecuPi offers seamless end-to-end data security across your clouds data operations. No APIs, No External Function. SecuPi platform offers full SoD (Segregation of Duties), Key Segregation (Hold Your Own Key) and zero-code implementation.
- Enable secured data collaboration & democratization over cross-cloud, global data operations
- Full segregation of duties (SoD) & HYOK. ensuring data is never decrypted on-cloud
- Seamless enforcement of security, sovereignty, privacy & governance use cases
- Full visibility into every data access and data-processing transaction with full end-user context
- Sensitive data is always protected & access controlled across ingestion and consumption technologies
SecuPi has partnered with major Cloud Analytics platforms (including Snowflake, Redshift and BigQuery and more) to deliver Data Air-Locks that seamlessly enforce full SoD, ensuring clear-text data is NEVER available in the platform while decrypting it at the edge/in Country, meeting data sharing and Sovereignty requirements.
Customer Case Study
A global customer with offices in multiple locations (Japan, USA) is using AWS data platform as the organization’s global analytical platform. Key requirements are enforcement of data security & data-Sovereignty, ensuring Japanese sensitive data is not exposed outside Japan. This means that data must be secured BEFORE it is ingested into the AWS platform and that customer data (encrypted in AWS datastore) can only be decrypted by SecuPi Data Air-Lock configured in AWS Japan to authorized users.
Want to learn more about how SecuPi Data Air-locks work?