Understanding data security in DataMatch Enterprise

DataMatch Enterprise Security Documentation

Overview

The framework for developing an enterprise application has always been based on meeting customer requirements for integration and interoperability with existing business processes. With governance and compliance becoming a foundational IT process, security has become fundamental for integration.

Data Ladder’s data cleansing and matching solution is in use at public and private institutions all over the world, so security is paramount.

While it is true that some things are easier to administer through the cloud, security is not one of them. By its very nature, security is something most organizations will want to keep in-house rather than turning over confidential data (even if encrypted) to a cloud provider.

As an on-premise solution, Data Ladder automatically bypasses the bulk of security concerns, because the solution is installed behind the client’s own security measures.

Security Benefits: Data Ladder On-premise Software

Whether a company places its applications in the cloud or decides to keep them on-premises, data security will always be paramount. But for businesses in highly regulated industries, the decision is often already made for them. Knowing your data is located within your in-house servers and IT infrastructure also provides more peace of mind anyway.

Since Data Ladder software is installed in your own environment (desktop or server), nothing from our end travels in or out of the software itself. All data processing is done in-memory, effectively rendering any concerns regarding data-at-rest or data-in-transit encryption inapplicable.

From a security standpoint, the biggest benefit of Data Ladder software being on-premise is that you have complete control.

With Data Ladder, you have complete control over your data

Data quality software handles confidential business information of all types: employee social security numbers, accounting and expenses, supply chain management logistics, and other business intelligence that may represent significant value to outside parties. When you host your data quality software on-premise, you control everything, from the security measures used to physical access control.

You won’t be left at risk because a workstation connecting from outside the network to a cloud-based data quality solution is not sufficiently secured or has vulnerabilities that can be exploited, or because an employee at the cloud provider jumped ship with as much data as possible.

Software testing practices for a more secure solution

While our on-premise deployment provides customers working with sensitive data considerable peace of mind, we go one step further and have integrated security testing as part of our DevOps workflows.


The traditional approach of having application security testing as a checkpoint before deployment is no longer efficient since new code is developed and deployed faster than ever before. By shifting security to the beginning of DevOps workflows and embedding security controls as integral parts of the integration/deployment processes, Data Ladder detects security defects earlier on in the process and applies fixes immediately.

Cloud-hosted DataMatch Enterprise instances

If a customer has a DataMatch Enterprise Server license, they have freedom over where they choose to host the software. Where customers require the software to be hosted on the cloud, Data Ladder uses Microsoft Azure, ensuring top-of-the-line security and compliance.

Compliance framework and offerings include but are not limited to:

CSA Star Attestation
ISO/IEC 27001
FISC
UK G-Cloud
CSA Star Certification
ISO 9001
EU Model Clauses
SOC 1 & SOC TYPE 2 Report
ISO/IEC 27018
PCI DSS
EU-US Privacy Shield
SOC Type 3
HIPAA/HITECH Compliance

Security

Encryption

Microsoft uses encryption technology to protect your data while at rest in a Microsoft database and when it travels between user devices and Cloud App Security datacenters.

Identity and Access Management

Microsoft Cloud App Security enables you to limit access of administrators to the portal based on geolocation using Azure Active Directory. It’s possible to require multi-factor authentication to access the Microsoft Cloud App Security portal by using Azure Active Directory.

Permissions

Microsoft Cloud App Security supports role-based access control. Office 365 and Azure Active Directory Global admin and Security admin roles have full access to Cloud App Security, and Security readers have read access.

Data Location

Microsoft Cloud App Security currently operates in datacenters in the United States and Europe (each a “Geo”). Your tenant account will be created in a Geo based on the country you chose when you signed up. Specifically, your data will be stored in a data center in the Geo nearest to that location.

Transparency

Microsoft provides transparency about its practices:

Sharing with you where your data is stored.

Affirming that your data is used only to deliver agreed-upon services.

Specifying how Microsoft engineers and approved subcontractors use this data to provide services.

Microsoft uses strict controls to govern access to customer data, granting the lowest level of access required to complete key tasks and revoking access when it is no longer needed.

Data Protection

Microsoft Cloud App Security enforces data protection during content inspection. File content isn’t stored in the Cloud App Security datacenter. Only the metadata of the file records and any matches that were identified are stored.

Data Retention

Microsoft Cloud App Security retains data as follows:

Activity Log: 180 days
Discovery Data: 90 days
Alerts: 180 days
Governance Log: 120 days

Data Ladder gives you the peace of mind you need to process sensitive data without fear of prying eyes. If you want guidance on how to better secure your own environment, please feel free to contact our solution specialists any time.
