Mastering Data Management

More in MDM

• Best Practices in Test Data Management: Discovering and Subsetting
• TDWI Chicago Preview: Data Warehousing, Analytics & More
• Who’s Afraid of the Big Bad Data?
• MDM for Chief Privacy Officers: A healthcare provider example

More from Bryan Casey

• No More Tootsie Pop Security
• Where the Data Lives

Share this Post

Recent Comments

• ICMCC News Page » Where East Meets West: ehealth in China and the US on Where East Meets West: ehealth in China and the US
• Kim’s Training Podcast on Training as a Safety Net: Kim May
• TDWI Chicago Preview: Data Warehousing, Analytics & More | Mastering Data Management on New ebook: Understanding Big Data

Bryan examines balancing security and privacy with appropriate access

We are witnessing a global trend in convergence right now in a number of pretty significant ways. Our personal identities are blurring with our professional identities, the global economy is being pushed closer together all the time and different IT systems are being connected in ways we never planned for. Data is traveling through, and being produced by, these systems at an extraordinary pace, coming from machines, from sensors in the wild, from people talking to one another online and more.

Perhaps unsurprising, then, is the continued convergence of security and privacy. While these are distinct disciplines, they certainly share some common interests, like making sure unauthorized people aren’t looking at sensitive data and information.

Business moves really fast these days and time matters, a lot. We want to share and access data when we need it, and not a moment later. The internet is driving us closer to a world where waiting for something is a relic of a long-forgotten past.

So the question then becomes, how do we begin to reconcile the need for security and privacy with the need to share information quickly?

I’d like to use an example to illustrate some of these trends and how IBM is helping clients. Take data redaction. For any IT folks in law or medicine, this will be a familiar term. For those unfamiliar with redaction, it’s the process of blacking out sensitive data in documents. It’s really an area where we do see equal parts security, privacy and agility all bundled up into one topic with a few key questions:

• How do I make sure that only the right people see the right information (privacy)?
• How do I make sure that once I’ve redacted text a malicious party can’t still gain access (security)?
• How do I do this faster and more reliably?

Each one of these areas presents its own challenges. Some organizations approach redaction manually and have to cope with the reality of human error. Some automated solutions are pretty easy to get by if someone is motivated enough. Historically, getting access to redacted text has not been a quick process either.

IBM’s InfoSphere Guardium team has a data redaction solution that helps address a number of these challenges. First, it’s automated and accurate. So, we’re reducing time and error.

Second, it was designed with security in mind and does not have many of the security shortcomings of other vendors (some solutions you need only copy/paste the text in question to view the previously redacted content).

Lastly, Secure Viewer and central management make it so a doctor or lawyer need only input a name and password to view a piece of blacked out text. If policy dictates they can access that information, then they get in. If not, then they don’t. Additionally, the audit trail is automatically updated along way.

We’re working on improving your ability to conduct business, and that means increased agility combined with the confidence of security and privacy.

For more information about IBM’s perspective on data security and privacy, please download our new whitepaper.

This post is part of the Dinner Table Data Security series. Catch up on the full series.