SecuPi Data Air-Locks offer a secured cross-border data collaboration and data-sharing while seamlessly addressing data privacy and sovereignty requirements on Cloud analytics platforms.
SecuPi Data Air-Locks are specifically designed to enable organizations to keep cloud data always secured.
Seamlessly enforcing data privacy, sovereignty, and security requirements in cross-cloud environments, SecuPi ensures the data is protected from ingestion to consumption, and is only decrypted in certain global locations and only for authorized users.
This approach allows organizations to easily govern and control all data access and data-processing transactions while enforcing full Segregation of Duties (SoD) on their Cloud data platforms and analytical workloads, ensuring that clear-text data is NEVER accessible globally, but can only be decrypted locally, on a ‘need-to-know’ basis, at a certain country.
SecuPi Data Air-Locks offer a future-proof technology with enhanced data security posture and reduced TCO (Total Cost of Ownership).
Want to learn more about how SecuPi Data Air-locks work?
Why Use SecuPi Data Air-locks?
Traditional encryption methods, such as Cloud cross-grained encryption andCloud analytics column-level encryption, are insufficient for addressing Segregation of Duties (SoD) requirements, making them available and within reach, for cloud administrators.
Organizations relying on using the traditional External Functions for encrypting/decrypting data on cloud analytics platforms will, sooner or later, face a variety of challenges when trying to change the schema, creating views and managing access to the views based on various attributes – a cumbersome, costly, resource demanding and time-consuming effort that cannot scale.
SecuPi Data Air-Locks enable these organizations to address Data Sharing, Sovereignty Requirements, SoD as well as controlling access to the clear-text data on a need-to-know basis, taking into consideration the location, citizenship, device, purpose and consent of the data subject.
Benefits of SecuPi Data Air-locks
SecuPi has partnered with all major Cloud Analytics platforms (including Snowflake, Redshift and BigQuery and more) to deliver Data Air-Locks that will enforce full SoD, ensure clear-text data is NEVER available in the platform while decrypting it at the edge/in Country, meeting data sharing and Sovereignty requirements.
- Enable secured data collaboration & democratization over cross-cloud, global data operations
- Full segregation of duties (SoD) & HYOK. ensuring data is never decrypted on-cloud
- Seamless enforcement of security, sovereignty, privacy & governance use cases
- Full visibility into every data access and data-processing transaction with full end-user context
- Sensitive data is always protected & access is controlled across ingestion and consumption technologies
SecuPi offers seamless end-to-end data security across your cloud’s data operations with Full SoD and zero code changes.
Use Case Example
A global customer with offices in multiple location (Japan, USA) is using AWS data platform as the organization’s global analytical platform. Key requirements are enforcement of data security and data sovereignty, ensuring that Japanese sensitive data is not exposed outside of Japan. This means that data must be secured BEFORE it is ingested to the AWS platform, and that customer data (encrypted in AWS datastore) can only be decrypted by SecuPi Data Air-Lock configured in AWS Japan to authorized users.