
Why Protecting Sensitive Data is Different

Odaseva

Dec 05, 2022

By Remi Poujeaux, SVP of Innovation at Odaseva

This first appeared as a LinkedIn post. Read the other posts in this series here.

Protecting sensitive data is different from protecting other types of data.

Here’s why sensitivity matters:

The standard way to store data is to use a database. Even if there are many types of databases (relational, object oriented, graph), the data security approach is consistent and simple: a role-based or asset-based access control layer grants access to individual users.

By design, the data is separated from its access controls and, more generally, from the policy that defines factors such as the retention period, the residency and the level of encryption.

This causes some issues:

  • When the data is copied to another system or into a data lake, it loses all its governance attributes
  • Even with proper segregation of duties on authorization, a rogue admin can grant themselves extended access

These are not big issues, and the associated risk can be mitigated! But mitigation is not enough for very sensitive data.

Sensitivity matters. For example, where would you put your crown jewels? What is better: in your cupboard, in a safe at home, or in a safe at a bank? Or just imagine that the results of the Oscar Awards leaked publicly before the ceremony. It would render the ceremony meaningless.

So as you can see, all data is not created equal – and sensitivity matters.

The irreversible trend is moving data to the cloud. But is it safe to store sensitive data in the cloud? The better question is: how do you store sensitive data in the cloud and protect it from rogue administrators, cloud providers and governments? How can a developer ensure that the most sensitive data is safely stored in the cloud, without having to rethink and test the whole architecture?

And whatever the solution is, the sensitive data needs to be controlled on all dimensions:

  • Space: avoid replicating
  • Time: retention period
  • Purpose

Access should be granted for a given purpose.

This is strongly related to consent management: consent is given for a given purpose. I allow my car manufacturer to use sensor data to detect an accident and send a repair truck, but I don’t allow them to use sensor data to offer me paid options.
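The three controls above (space, time, purpose) and the earlier point about data shedding its governance attributes when it is copied can be made concrete by binding the policy to the record itself. The following is an added illustration, not Odaseva code: the record carries its allowed purposes, residency and retention period, every read is checked against all three, and a copy cannot be made without the policy coming along. The sensor reading, the region names and the purpose labels are constructed sample values.

```python
"""Policy-bound sensitive record: the governance attributes (purpose, residency,
retention) travel with the data instead of living in a separate access-control
layer. Added illustration, not Odaseva code; all names below are assumptions."""
from dataclasses import dataclass, replace
from datetime import date, timedelta


class PurposeDenied(Exception):
    """Access requested for a purpose the data subject never consented to."""


class RetentionExpired(Exception):
    """The record's retention period has elapsed; it must not be served."""


class ResidencyViolation(Exception):
    """The record would leave the region its policy pins it to."""


@dataclass(frozen=True)
class Policy:
    allowed_purposes: frozenset  # purposes the consent covers
    residency: str               # region the data may live in
    retention_days: int          # how long it may be kept after creation
    created_on: date

    def expires_on(self) -> date:
        return self.created_on + timedelta(days=self.retention_days)


@dataclass(frozen=True)
class SensitiveRecord:
    payload: dict
    policy: Policy  # inseparable from the payload: no policy, no record


def access(record: SensitiveRecord, purpose: str, region: str, today: date) -> dict:
    """Return the payload only if retention, residency and purpose all allow it."""
    p = record.policy
    if today >= p.expires_on():
        raise RetentionExpired(f"record expired on {p.expires_on()}")
    if region != p.residency:
        raise ResidencyViolation(f"{region} is not {p.residency}")
    if purpose not in p.allowed_purposes:
        raise PurposeDenied(f"no consent for purpose {purpose!r}")
    return dict(record.payload)  # a copy: the caller never holds the original


def replicate(record: SensitiveRecord, target_region: str) -> SensitiveRecord:
    """Copy to another store (e.g. a data lake) without shedding the policy."""
    if target_region != record.policy.residency:
        raise ResidencyViolation(f"cannot replicate to {target_region}")
    return SensitiveRecord(dict(record.payload), record.policy)


def revoke_purpose(record: SensitiveRecord, purpose: str) -> SensitiveRecord:
    """Consent withdrawn for one purpose: derive a strictly narrower policy."""
    narrower = replace(record.policy,
                       allowed_purposes=record.policy.allowed_purposes - {purpose})
    return SensitiveRecord(record.payload, narrower)


# Constructed sample: a car's sensor reading, consented for accident detection only.
SENSOR_RECORD = SensitiveRecord(
    payload={"vin": "EXAMPLE-VIN", "impact_g": 4.2, "gps": (48.85, 2.35)},
    policy=Policy(frozenset({"accident_detection"}), "eu-west", 30, date(2022, 12, 1)),
)


def demo() -> dict:
    """Exercise each control; returns which requests were allowed or denied."""
    today = date(2022, 12, 5)
    results = {}
    for purpose in ("accident_detection", "paid_options_marketing"):
        try:
            access(SENSOR_RECORD, purpose, "eu-west", today)
            results[purpose] = "allowed"
        except PurposeDenied:
            results[purpose] = "denied"
    try:
        replicate(SENSOR_RECORD, "us-east")
        results["replicate_us"] = "allowed"
    except ResidencyViolation:
        results["replicate_us"] = "denied"
    try:
        access(SENSOR_RECORD, "accident_detection", "eu-west", today + timedelta(days=60))
        results["after_retention"] = "allowed"
    except RetentionExpired:
        results["after_retention"] = "denied"
    return results


if __name__ == "__main__":
    print(demo())
```

The point of the design is that there is no code path that yields the payload without going through the policy: a copy in a data lake is still a `SensitiveRecord`, a consent withdrawal produces a narrower policy rather than editing a permission table somewhere else, and an administrator who can read the store still finds the purpose and retention checks attached to every record.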

At Odaseva, we strongly believe that this is a key topic. Don’t hesitate to reach out if you want to know more about it and test in your specific use case.
