In the digital transformation age, the cybersecurity industry received tremendous spotlight with respect to the pervasive capability of the IT domain to have full access (literally) to any digital asset, regardless of geographical distances and physical barriers. The real paradox exists between how much power IT teams can have to secure and maintain the entire footprint of the digital assets, while still preserving and complying with data privacy regulations. Some will claim that such powerful capability can be abused if no regulation and policies are defined, hence the practical purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices - "by all and to all"... This is a highly essential milestone to raise awareness, frame the ground rules, and ensure that top-down directives will be clear to all respective industries, authorities, and users. So how can we contribute as a company to such an important day in the industry?
Well, if you reading this blog, most likely you are in the right industry and the right website... P.S, Niagara Networks visibility solutions are deployed in the strategic positioning of many networks with advanced network intelligence functions that serve security and network operations teams.
Niagara Network’s solution enables NetOps and SecOps to extract packet data from strategic network points, apply packet intelligence, process the captured data, and deliver it to cybersecurity and monitoring tools - we play an important role and obey to privacy regulations. Specifically, the Open Visibility Platform can ensure that standards for decryption are upheld and performed according to the policy with a full audit trail. In addition, it can provide data masking or the extraction of metadata to comply with various requirements for privacy and other regulations.
The fact that packet intelligence function can intercept the traversing user data (including overlay tunnels, headers, and payload), performing data masking in the highly granular mode of packet payload of traffic in motion will be critical before delivery to security and monitoring tools, or even to backend databases to keep the privacy of personal data without sacrificing security and application/network performances. Data masking function enables the enterprise or any controlling entity, to forward and share data traffic across departments, while at the same time providing them with a tool to mask private and confidential user information that is contained in the data.
For example, our visibility platforms can protect credit card data by masking personally identifiable information. Complex PID criteria policy can be defined via a Regular Expression (Regex) function and correlation rules of payload masking will be applied. Other granular Regex options include email, SSN, age, name, etc. This is a pure payload masking based on the defined policy, so it’s an additional layer of protection for sensitive data in motion that can be used in various customized applications. In this use case, the Niagara visibility platform is configured for filtering, decryption (in case required), masking, and pass-through only, therefore there's no stage to store the passing traffic for laws & regulatory compliance.
In conclusion, in terms of data privacy, most likely a chain is only as strong as its weakest link, hence delivering the regulated building blocks of visibility can contribute to IT privacy compliance - Happy Data Privacy Day!
Feel free to contact us in order to find a creative solution to your IT environment.