Services Industries Cloud Cybersecurity Digital EngineeringNXT Holmes Geographies
Search Overlay Hamburger Icon

Service Offerings

Data, Analytics & AI
Applications
Digital Operations and Platform
Consulting
Infrastructure Services

Service Offerings

Data, Analytics & AI
Applications
Digital Operations and Platform
Consulting
Infrastructure Services

Client Themes

As a service
Big Data
Blockchain
Cyber Security & Enterprise Risk
DevOps
Enterprise Ops Transformation
Industry 4.0
Open Source
Product Lifecycle Management
Software Defined Everything

Client Themes

As a service
Big Data
Blockchain
Cyber Security & Enterprise Risk
DevOps
Enterprise Ops Transformation
Industry 4.0
Open Source
Product Lifecycle Management
Software Defined Everything
Aerospace & Defense
Automotive
Banking
Capital Markets
Communications
Consumer Electronics
Consumer Packaged Goods
Education
Engineering, Construction & Operations
Healthcare
Insurance
Medical Devices
Natural Resources
New Age Markets
New Age & Media
Network & Edge Providers
Oil & Gas
Pharmaceutical & Life Sciences
Platforms & Software Products
Industrial & Process Manufacturing
Professional Services
Public sector
Retail
Semiconductors
Travel & Transportation
Utilities
Aerospace & Defense
Automotive
Banking
Capital Markets
Communications
Consumer Electronics
Consumer Packaged Goods
Education
Engineering, Construction & Operations
Healthcare
Insurance
Medical Devices
Natural Resources
New Age Markets
New Age & Media
Network & Edge Providers
Oil & Gas
Pharmaceutical & Life Sciences
Platforms & Software Products
Industrial & Process Manufacturing
Professional Services
Public sector
Retail
Semiconductors
Travel & Transportation
Utilities
America
country usa
United States
country canada
Canada
country brazil
Brazil ( English  |   Portuguese )
country maxico
Mexico ( English  |  Spanish )
country latam
Latam
Europe English  |  German )
country benelux
Benelux
country nordic
Nordic
country france
France
country dach
Dach ( English  |  Deutsch )
Africa
United Kingdom & Ireland
Asia - Pacific
country
Asean
country
Korea
country
China
country
Australia
country
Japan ( English  |  Japanese )
country
Taiwan
India & Middle East
country India
India
country
Middle East
Global Site
America
country usa
United States
country canada
Canada
country brazil
Brazil ( English  |   Portuguese )
country maxico
Mexico ( English  |  Spanish )
country latam
Latam
Europe English  |  German )
country benelux
Benelux
country nordic
Nordic
country france
France
country dach
Dach ( English  |  Deutsch )
Africa
United Kingdom & Ireland
Asia - Pacific
country
Asean
country
Korea
country
China
country
Australia
country
Japan ( English  |  Japanese )
country
Taiwan
India & Middle East
country India
India
country
Middle East
Global Site
< Cybersecurity

Data Privacy for Cloud Based Analytics

comments.png fav-article
comments.png
Services
Industries
Cloud
Cybersecurity
Digital
EngineeringNXT
Holmes
Geographies
Contact Us
About Wipro
Careers
Locations
Leadership
Investors
Innovation
News and Events
Insights
Analyst speak
Products & Platforms
Partner Ecosystem
Sustainability

Data security and privacy are major hindrances to successful implementation of any cloud based solution. It becomes all the more significant if it involves capturing customer data. The challenge that technology tends to throw up is finding meaning and insights from the goldmine of data which leads to effective decision-making while abiding by privacy regulations. Today, there is no standard methodology to implement privacy controls and comply with the privacy principles and obligations that are imposed by regulators. With privacy regulations in place, enforcing principles such as ‘Right to be Forgotten’, ‘Privacy by Design’ and ‘Data Portability’ - a checkbox approach to data privacy is not sustainable.
The biggest data privacy challenge in a cloud based analytics solution is “robust and scalable privacy, preserving data mining and analytics, that provides the required outcome to organizations, while adhering to all data privacy regulations.

Data security and privacy in cloud based analytics platform

While a cloud based solution has its own set of security and privacy challenges, data analytics also brings in the stringent aspects of data privacy. As data privacy deals with the personal/customer data, it enhances customer experience and anticipates an increase in top line/bottom line.

To address cloud security, the (privacy) controls are implemented at different layers such as infrastructure, network, application and data (at rest, in motion). However, with a cloud based analytics platform, we need to adhere to data privacy regulations and also provide the required outcome for the organization to make informed decisions.

Data privacy applies to the processing of personal data, namely any information relating to an identified or identifiable natural person. In the context of Big Data, the focus is more on indirect identification of personal data by following data privacy regulation, such as GDPR principles, notice, choice, consent, purpose of processing, privacy by design, etc.

Risk based proactive approach to data privacy

Organizations must take a risk based proactive approach to data privacy by creating data privacy standards and privacy control frameworks which can be applied consistently across all geographies and solution(s). This would minimize complexities and maximize data protection. Such a framework must provide guidance on what constitutes personal data, what are the requirements for personal data collection, process of managing consent, rules for accessing and using personal data, how to classify and protect personal data, implement the right set of processes and controls, based on the risk. Also, guidelines must be created in a way that integrates privacy as a key component from design to delivery of the products and services. In addition, privacy requirements into the initial phase of the software development life cycle, which will then decrease compliance risks and improve customer confidence in the product or services, will need to be incorporated.

Key design principles in data privacy in the Data Analytics platform

Data Minimization

Collects data that is necessary to provide a feature or service. Conduct a Privacy Impact Assessment to define the exact data processing needs thereby limiting data to what is essential.

Data Hiding

Hides personal data and its interrelationship from plain view. Leverages data anonymization solutions to anonymize the data at source.

Data Separation

Personal data will be processed in a distributed fashion in separate compartments whenever possible. The data separation controls will be implemented at the data center level, to meet the data privacy regulations in different countries.

Data Aggregation

Processes personal data at the highest level of aggregation, and with the least possible detail, yet is still useful.

Consent and Notice

Informs data subjects about the data being collected and takes consent from individuals at the time of data collection. Data with customer consent should be used for data processing in Aata Analytics.

Security Controls

Implements proper security controls such as firewalls, anti-virus, access controls, authorizations, audit logs, data encryption motion and rest, masking, anonymization, etc.

Ways to approach data privacy in Cloud Analytics platform

To secure sensitive data within the analytics ecosystem on the cloud, data protection is applied to sensitive data close to the source, i.e. up-stream application by integrating the application/job with Formation Preserving Encryption. The data flows in an encrypted format to the cloud and is made available for processing and analytical purposes without the risk of exposure. Applications/tools running on the cloud works on the encrypted data for reporting or analytical purposes.

Format Preserving Encryption (FPE) preserves the format of the sensitive data fields, while providing AES level of encryption strength. Here is a typical example of FPE:

 

Data Privacy for Cloud Based Analytics

The approach to addressing data privacy challenges in the cloud based analytics platform is shown in Figure 1.
Data Privacy for Cloud Based Analytics

Figure 1: Data Privacy in Cloud Analytics Platform

All the data, collected from different data sources, needs to be classified to create thePersonally Identified Information (PII) inventory and define which data elements need to be anonymized and de-identified with the appropriate risk level and consent details while capturing the data.

The data, before being sent to the Cloud Analytics platform, needs to be encrypted with de-identification techniques such as format preserving encryption, tokenization, and masking. It can then be sent to the Cloud Analytics platform for data mining and analysis over the encrypted communication mechanism. All data mining, correlation and reporting is performed by the analytics platform. For  consumption of the data by other on premise applications, the data re-identification techniques need to be applied on need based.

While dealing with data privacy issues, the solution needs to address data security controls (data at rest and data in motion), cloud infrastructure security controls (Firewall, Anti-virus, IDS, IPS, DDOS, etc.), technical tools (for example, authentication and access control) and security assurance (penetration testing, vulnerability assessment, etc.). Along with technical security controls, the solution needs to address governance controls at process (for example, approvals for access) and people (for example, training, background checks, etc.).

This approach holistically addresses data privacy challenges while adhering to data privacy regulations, along with other security controls, making the security solution robust and scalable.

About the Author

Srinivas Morishetti Cybersecurity & Risk Services- Srinivas Morishetti has 16 years of experience in the IT industry and 14 years in Cybersecurity & Risk Services. As the principal consultant, he is responsible for thought leadership, solution strategy and transformation in application security services. He is adept at handling risk and compliance, application, infrastructure, cloud and data security solutions, and service delivery management across industry verticals.

He can be reached at srinivas.morishetti@wipro.com

Related Articles

Image not found
How a top telco launched its business in the US market on Cloud

Wipro delivered best in class AWS cloud based security solution comprising of native and third party security controls to meet customer’s business needs..

Image not found
Application Onboarding Streamlined

Wipro enables compliance to regulatory bodies through 150% faster onboarding of critical applications and removal of open business sensitive risks for a leading banking organization

Image not found
How a Leading Government Agency Ensured Fast and Secure Migration to AWS Cloud

Wipro enabled the road and public infrastructure safety agency...

X

popup-image