PHEMI, the company delivering privacy, security, and governance for big data, introduced Zero Trust Data, an innovative, comprehensive approach to remove critical roadblocks standing in the way of enterprises aiming to become data-driven. A Zero Trust Data approach changes the way data is managed and secured, allowing companies to more effectively collect, share and protect data.
The Big Data movement has opened up a lot of opportunity, but it has also introduced new security and compliance risks to the point where access and security has trumped the value of data integration,” says Stewart Bond, Director Data Integration Software Research at IDC. “PHEMI’s Zero Trust Data approach extends the zero trust networking concept to data where nothing is trusted, and everything is verified, bringing a new focus on data trust, availability, security and compliance in today’s Big Data environments.”
A Zero Trust Data approach – embedded into company’s flagship big data solution PHEMI Central – helps organizations in healthcare, life sciences, finance, the public sector and other industries meet data-sharing compliance and governance requirements. PHEMI delivers enterprise-grade features that combine the scale and performance of big data with technology that supports rigorous access controls and data governance to help data-driven companies unlock and share data without compromising privacy.
PHEMI’s Zero Trust Data approach and strategy for the big data market is unique in that it has been designed from the onset to address the complicated security and privacy challenges companies face in leveraging data to maximum benefit,” said Paul Terry, CEO, PHEMI. “Today, companies are facing difficulties in taking Hadoop trials through to production systems. PHEMI’s technology helps companies gain real value from data by providing a means to remove multiple data silos and build a centralized data structure with assured security, privacy and governance already in play.”
A Zero Trust Data strategy takes the well-known Zero Trust Networking model – never trust, always verify – one level deeper into information systems, embedding and enforcing consent, data sharing agreements and privacy policies at the data level. In a Zero Trust Data model:
- Access is denied by default: Privacy and governance policy is encoded directly on data as it’s collected. And every piece of data can be encrypted and made inaccessible by default.
- Data requests without proper credentials yield no information: The data system knows whom it can trust to view any data asset, when, and in what context. Without the right access credentials and attributes, a user sees nothing.
- Data security is enforced independent of the network: Data protection no longer relies on networks or applications to enforce privacy and governance. Those functions are now controlled by the organization’s data stewards, and operationalized in the data layer itself.
By using a Zero Trust Data strategy, the same data asset can be re-purposed on the fly to address different needs and different levels of access. This ability to provide different views of data to different users is essential to obviating privacy breaches.
Zero Trust Data is a compelling approach to the problem of how to protect data while allowing it to be shared,” said Dr. Ann Cavoukian, Executive Director of the Privacy and Big Data Institute at Ryerson University and architect of the global privacy framework Privacy By Design. “With an approach like this, privacy and data security can be perfectly compatible with a strategy that includes collaboration, data re-use, and data sharing. In my view, a solution like Zero Trust Data is essential to any organization implementing a big data strategy where privacy, data security, and governance are core to their operations.“
Sign up for the free insideBIGDATA newsletter.
Speak Your Mind