Name: Implementing Data Privacy Controls for Amazon Redshift and Cloud Data Lakes
Start: 2021-06-29T18:00:00Z
End: 2021-06-29T18:00:41.000Z
Location: BrightTALK
Rating: 4.5

Baffle, the application data protection company, prevents data breaches by securing the end-to-end data access model for applications and databases. Using this method, the technology protects against some of the most recent high-profile attacks and vulnerabilities -including Spectre and Meltdown. With its patent-pending technology, Baffle is the only company that can enable encryption of data at-rest, in use, in memory and in the search index without impacting the application using AES encryption.

Baffle is also the first company to enable secure data processing on a commercial application and database to guarantee data protection. Baffle has raised $10.5 million of financing; its investors include True Ventures, Envision Ventures, ServiceNow Ventures [NYSE: NOW], Thomvest Ventures, Engineering Capital, and Industry Ventures.

Get more flexibility, improved cost-efficiency, and better security with AWS + Baffle 

As companies look to modernize their database applications, they are increasingly looking to the cloud for a clean break from legacy databases and architectures.  With Amazon Relational Database Service - PostgreSQL, companies have great choices for a managed database service at the core of their application.  With Baffle Data Protection for Databases, they are also able to protect their data even better than an on-prem deployment and meet their security and compliance requirements in the shared responsibility model.

In this webinar, join AWS and Baffle to learn how to modernize your database application with:
* More flexibility to scale up and down as needed
* Improved cost-efficiency to only pay for what you need
* Better security that cryptographically protects the data in use and at rest

Modernize your database with PostgreSQL in the cloud

As companies move to SaaS for key services, securing customers’ data has become even more vital for SaaS providers.  Customers are demanding they control their data, even in a service they don’t operate.

Saxo Bank, a provider of an online trading platform, addressed this challenge head on with Multi-Tenant Data Security (MTDS) to ensure their customers can meet their compliance obligations.  Each customer’s data is secured cryptographically by a distinct key they control.

In this webinar, join Baffle and Saxo Bank to learn how Multi-Tenant Data Security can make your SaaS more secure by:
* Compartmentalizing data so no one else can access the data in clear text
* Implementing MTDS easily, without any application changes
* Controlling the data with a single key, managed by the customer or SaaS

Saxo Bank:  A Success Story for Multi-Tenant Data Security

93% of organizations claim that regulatory compliance has significantly shifted their data security and privacy priorities, per the latest research. In addition, 75% of respondents believe that a regulatory compliance program is a competitive differentiator. However, effectively implementing data protection controls across the enterprise remains challenging for numerous technical and organizational reasons. 

In this webinar, EMA analyst and managing director Chris Steffen will join Baffle CEO Ameesh Divatia to share insights and best practices employed by leading organizations to not only accomplish strong privacy and compliance, but also achieve competitive differentiation as a result. 

Join this session to learn: 
* Findings from the latest compliance research 
* Data challenges - ownership, discovery, classification, policy enforcement
* Effective strategies for data protection controls in hybrid cloud environments 
* Technology innovations to streamline privacy programs 
* Actionable plans you can start implementing today

Strategies for Successful Privacy and Compliance Management

Apache Kafka is a powerful platform for streaming data in real time for multiple use cases, including data analysis downstream. However, putting sensitive data in the clear can create massive security and compliance issues. The challenge is that legacy data encryption methods are not sufficient as they do not allow control over who can see what data, and can also impede downstream data analytics and third party applications.

Join this webinar to learn how modern data protection approaches and technologies can be used to easily de-identify and re-identify Kafka data streams to share sensitive information securely between internal and external audiences and data domains. We will discuss:
* De-identification techniques and use cases
* Using Single Message Transform (SMT) to tokenize sensitive data 
* Role-based data access control 
* Architecture, components, and flow   
* Demo of Kafka data de-identification

How to De-Identify Apache Kafka Data Streams

Cloud-based data lakes and data stores provide tremendous business value for next-gen analytics, machine learning and artificial intelligence, as well as sharing data with partners. However, they also present a large challenge for protecting the exploding volume of sensitive data that is being collected and moved to cloud platforms such as Amazon Redshift and Snowflake. 

A critical protection measure is de-identifying sensitive data as it is being migrated from on-prem sources to the cloud and staged for use in downstream applications. There are various approaches and considerations based on your use cases. Modern data security platforms provide cutting-edge solutions that are easy to implement and address today’s threats and attack vectors more comprehensively. 

Join this webinar and learn about: 
* Data de-identification methods and architectures 
* Comparing modern data protection platforms versus database native encryption 
* Data masking, tokenization, field and record level encryption, and object/file encryption
* No-code solutions that require no application modifications 
* Ensuring high performance and minimal downtime 
* Role-based access control for secure data access and sharing 
* Privacy-enhanced computation and analytics

De-identifying Cloud Data Pipelines: Approaches, Best Practices, and Learnings

As concerns over data privacy and data theft continue to mount, companies are searching for solutions to help secure their customers' data and mitigate the risk of data theft, all without breaking business processes. The more recent data privacy regulations will significantly increase the cost of non-compliance and have the potential to stifle business intelligence and big data efforts as well.

The challenge that companies face is implementing the appropriate data level security without adversely impacting the business while still facilitating ways to leverage and monetize information.  Historically, achieving this type of balance was impossible and methods to appropriately secure data often broke applications or made data useless for analytics.  

Modern approaches to privacy preserving analytics are now available to easily protect your data for compliance, yet still allow for data processing on information without ever violating data privacy.  Attend this webinar to learn how you can perform analytics and share data while still ensuring the appropriate level of data security and privacy.  

This session will provide a review of various data-centric protection methods (data masking, tokenization, BYOK, field and record level encryption) including privacy preserving analytics and how they can be easily implemented to protect information in the cloud and on-premise. 

Join this webinar and learn about the following:

- Key requirements of recent data privacy regulations and compliance strategies
- Common threat models that unknowingly leave data exposed to data theft
- Various data-centric protection methods that can help mitigate data security risks
- Privacy preserving analytics use cases that can

Data Privacy Simplified – Using Data-Centric Protection to Secure Your Data

According to a report from Risk Based Security, over 7.9 billion data records were exposed in 2019. With breaches continuing ad nauseum and record highs of spending on security, it begs the question why breaches cannot be stopped.

This session will review common security control recommendations for data security and identify key gaps or misunderstandings in the threat model that often get overlooked.  The session will also cover key tenets of modern data privacy regulations within the context of security controls that are currently available and how they can be operationalized to improve your company's security posture. 

A review of risk and responsibility models will be provided along with an examination of how data distribution and cloud deployments can further exacerbate the challenge of securing data. The webinar will close with an overview of some adaptive data protection methods that can help reduce the risks of data breaches.

Webinar attendees will learn about the following:

- Learn more about common data security controls and how they fail to protect against modern day breaches
- Review of some key tenets of modern data privacy regulations
- Understand how the shared responsibility model applies to sensitive data
- Gain an understanding of a new data threat model and why breaches continue to occur
- Identify critical gaps in security controls and how to mitigate risks

Why you can't stop data breaches?

Industry analysts estimate that 75% of the world's data is projected to move to cloud and cloud analytics platforms such as Snowflake and Amazon Redshift.  As businesses continue to collect and push more data into  cloud-based data lakes for analytics, machine learning and artificial intelligence, the importance of integrating security into your data pipeline cannot be underestimated.   

However, security is often looked at as an impediment to the analytics world.  As a result, devops and data science teams may look to bypass security measures that can slow down their ability to adopt modern analytics platforms.  This presents a significant challenge around how to de-identify data while still allowing for advanced analytics to occur to meet the demands of your organization's need to extract value from the personal data it collects.  

Many of methods for de-identification require additional development or altering the data pipeline and as a result either slow down the use of cloud-based analytics or leave data potentially exposed. 

Attend this webinar to learn how data can be easily de-identified as part of your data pipeline as it is staged for use in Snowflake or Amazon Redshift. Learn how you can establish a fully de-identified cloud data lake and use adaptive security controls to secure the data while allowing analytics to run on protected data sets for authorized users.  

Join this webinar and learn about the following:

- Common data security gaps for data sources in cloud storage and Amazon S3
- Key differences between existing cloud storage encryption methods and de-identification processes
- Methods for de-identification, tokenization and encryption of data
- Architecture models to support a de-identified data pipeline
- Enabling secure computation on data in cloud-based analytics platforms

De-identifying Data in Snowflake and Amazon Redshift

More and more customers are putting data in the cloud and leveraging database platform-as-a-service (DB PaaS) solutions such as AWS RDS to store their critical business information and customer data. DB PaaS provides a graceful and simple database management solution for enterprises while also enabling the flexibility of cloud infrastructure. 

This webinar is part of the Baffle weekly webinar series and will provide an overview of different techniques that can be used for protecting data in the cloud. Within the context of modern data privacy laws and compliance regulations, customers may be faced with requirements to ensure protection of specific data types in their operational environments.

Many existing tokenization and data protection methods can be challenging to implement and may not function well with cloud native services such as containers and microservices or key management services (like AWS KMS or secrets managers). Furthermore, certain techniques require application code modification or have a dependency on installing an agent on a database which will not work with DB PaaS. 

Attend this webinar to learn about different tokenization and data encryption techniques and see how you can stand up a demo of Baffle's Data Protection Services in conjunction with AWS RDS and AWS KMS in a matter of minutes. See how data can be easily de-identified or tokenized for your AWS RDS environment to mitigate the risks of data leakage and breaches. 

Join this webinar and learn about the following:

- How the shared responsibility model applies to your data
- Key differences between different tokenization and de-identification methods
- Architectural models for a data protection service layer
- How to easily set up and configure a data protection service without any code changes
- Methods for integrating with AWS RDS Postgres, MySQL, Microsoft SQL Server
- How to integrate and use AWS KMS and other key management solutions

Tokenize and De-identify Your Data in AWS RDS with AWS KMS

There has been no shortage of data leakage scenarios from AWS S3 due to mis-configured security controls. 
 In many of these cases, sensitive data and PII have been exposed and that is partly due to the fact that S3 often gets used as a data source for data warehousing and analytics pipelines.  

As a result, many organizations are looking for ways to de-identify data flowing into S3 or other cloud storage to protect information as it gets consumed by popular analytics platforms such as Snowflake, AWS Redshift, Athena or data lake platforms.  Many of these methods require additional development or altering the data pipeline and as a result either slow down the use of cloud-based analytics or leave data potentially exposed.  

Attend this webinar to learn how data can be easily de-identified, tokenized or encrypted inside S3 objects to help prevent data leakage while still enabling analytics teams to leverage the scale of cloud infrastructure.  

This session will provide a review of some key data security gaps as they relate to cloud storage in general and AWS S3, and provide a live demonstration of de-identifying data on the fly during a migration.  

Join this webinar and learn about the following:

- Common data security gaps for data sources in S3
- Key differences between existing cloud storage encryption methods and de-identification processes
- Methods for de-identification, tokenization and encryption of data
- Architecture models to support a de-identified data pipeline

Controlling Data Leakage from AWS S3 and Cloud Storage

Over one billion records have been leaked from cloud IaaS in spite of an increased focus on cloud security. At the same time, organizations continue to put more and more data into the cloud to accelerate their responsiveness and improve IT agility.  This push and pull of speed and flexibility vs. security has created significant gaps in the threat model for data in the cloud.  

Consequently, data breaches and leaks continue unabated and many security teams fail to recognize fundamental gaps in the security model.  This webinar provides an overview of a new threat model for data and helps identify key risks to data security that may be commonly misunderstood or overlooked. The session will cover key tenets of modern data privacy regulations within the context of security controls that are currently available and can be operationalized to improve your company's security posture.

Attend this webinar and learn about the following:

- How the shared responsibility model applies to your data
- A new data threat model for cloud and why breaches continue to occur
- Critical gaps in security controls and how to address them
- Review of data privacy regulations and key considerations for your business
- Best practices for securing data for cloud native environments

Cloud Data Risk: How to Better Protect Your Data in the Cloud

Tokenize Your Data in AWS RDS with AWS KMS

Multiple businesses continue to establish cloud-based data lakes for analytics, machine learning and artificial intelligence use cases.  The flexibility of the cloud allows for an easier spin-up of resources and facilitates a faster data delivery model for the business.  

However, within the context of modern data privacy laws and compliance regulations, a significant challenge remains around how to de-identify data while still allowing for advanced analytics to occur to meet the demands of your organization's need to extract value from the personal data it collects.  

Many of methods for de-identification require additional development or altering the data pipeline and as a result either slow down the use of cloud-based analytics or leave data potentially exposed.  Further, de-identification represents only part of the challenge as new methods to access and warehouse data can limit scenarios where authorized re-identification or analysis of data may be required.  

Attend this webinar to learn how data can be easily de-identified or tokenized as part of your data pipeline engineering.  Learn how you can establish an S3 cloud data lake fully de-identified and use AWS Athena to easily access and run analytics on data sets for authorized users.  

This session will provide a review of some key data security gaps related to a data analytics pipeline, and provide a live demonstration of de-identifying data on the fly during a migration, as well as subsequent data analysis via AWS Athena.

Join this webinar and learn about the following:

- Common data security gaps for data sources in S3
- Key differences between existing cloud storage encryption methods and de-identification processes
- Methods for de-identification, tokenization and encryption of data
- Architecture models to support a de-identified data pipeline
- Methods to allow for simplified analysis of data in a cloud data lake

De-identify and Secure Your Data Analytics Pipeline

Many infrastructure and platform-as-a-service (PaaS) providers do a great job providing data warehouses and analytics solutions that offer agility and deliver fast results for business intelligence initiatives. In fact, industry analysts estimate that 75% of the world's data is projected to move to cloud and cloud-based analytics platforms such as Amazon Redshift.  

These providers also support several methods to make it easy to get your data into the cloud. But what do you do when you need to keep your data private or ensure compliance with privacy regulations?  How do those requirements impact your data pipeline architecture and operations?  And, once your data is "in cloud", how do you control access and implement stronger security controls?

Attend this webinar to learn how data can be easily de-identified on-the-fly as part of your data pipeline process as it is staged for use in Amazon Redshift or cloud data lakes. Learn how you can establish a fully de-identified cloud data lake and use adaptive security controls to secure the data while allowing analytics to run on protected data sets for authorized users.

Join this webinar and learn about the following:

- Common data security gaps for data sources in cloud storage and Amazon S3
- How to avoid making more copies of your sensitive data during the pipeline process
- Methods for de-identification, tokenization and encryption of data
- Architecture models to support a de-identified data pipeline
- Enabling secure computation on data in cloud-based analytics platforms

Implementing Data Privacy Controls for Amazon Redshift and Cloud Data Lakes

Amazon Web Services

Cloud Data

Cloud Security

Data Analytics

Data Lake

Data Privacy

Data Warehousing

Redshift

Security

Snowflake

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Implementing Data Privacy Controls for Amazon Redshift and Cloud Data Lakes

Presented by

About this talk

More from this channel