Data security: does data integration put your data at risk?
By Henning Lund - July 13, 2016
According to the ITRC Data Breach Reports 2015, over 169 million personal records were exposed last year, stemming from 781 publicized breaches across the financial, business, education, government, and healthcare sectors. If one thing became clear in 2015, it was that no organization, regardless of its size or industry, is safe from a data security breach. A breach can happen to any organization at any time. There is no doubt that companies should carefully think about data security especially today when we place more and more data on public clouds, or within big data systems.
What happens when you integrate two systems? Does the transfer of data from one system to the other expose and potentially endanger the security of your data? How does data integration impact data security? Can data integration make your company more vulnerable to a data security breach?
I’ve seen many different solutions to integrations, and to be honest most of them with basically no encryption of data. Often plain .csv text files or XML files are send by mail or via a FTP server for download and import to the other system(s). These files are also be stored on removable devices such as a usb-stick or memory card, and even though it’s a simple solution, it has a lot of constrains not only in regards to security but also in regards to data error handling when such occur.
What can I do to ensure data security in my data integration project?
Although I do understand the concern, in my mind, data integration does not systematically imply a potential data security issue, especially these days where integrations can be handled via SSL encrypted data transfers between two systems with no staging of data on a ftp server or any other media. Data is read and written directly to and from the databases via the provided API’s. In reality, most data security breaches are made possible by traditional systems with security technology and security operations that fail to keep attackers outside.
At RapidiOnline, we have had focus on data integration for the past many years and data security has always been top of our minds. The way we enable secure data integration is in reality quite simple. The RapidiOnline Services run with a technology called the RapidiConnector that ensures compressed and secure data transfer between RapidiOnline and different on-premise systems. And of course, to ensure efficiency and security the data is compressed and encrypted.
Now, the clever thing about the RapidiConnector is that it resides in your on-premise network connecting outbound to the central RapidiOnline Service and enabling two-way communication between RapidiOnline and your legacy systems. This has the great advantage that you don’t have to change anything in your network or firewalls in order to deploy RapidiOnline integration. So, the connection from the RapidiConnector is outbound only to RapidiOnline. No inbound ports have to be opened in your firewall. That way, we can make sure that your internal systems stay secured and protected.
The communication between RapidiOnline and the RapidiConnector is using a proprietary protocol which is highly efficient in terms of maximum reduction of the total amount of data and the number of packages sent and received. The protocol first joins e.g. 50 records in 1 package thereby stripping off all meta information to only send the relevant data. Furthermore the package is compressed before sending. This results in the most efficient data transfer. This method can reduce the amount of data needed to be sent by a factor of up to 50. This means e.g. that instead of sending 1000 bytes for each customer record, the RapidiConnector only needs to send 20 bytes. This dramatically reduces both the transfer time and needed bandwidth.
Because of the proprietary protocol and the compression, it is practically impossible to decipher the data transmitted – thereby ensuring data security. Applying SSL encryption on top of this make it simple and secure.
About the author
With over 25 years’ experience in strategically propelling businesses forward, Henning is considered a business development entrepreneur with a passion for transforming businesses, sales and marketing operations through out-of-the-box thinking, concepts building and process automation to improve overall performance and scalability.