Data Integration: Data Architecture Needs Data Privacy

A data integration hub is a proven system which provides a self service model for publishing data. Such a hub can enable certain information to be made readily available for a variety of users. However, for those who deploy such hubs for regulated and sensitive data, it is imperative to consider how the issue of privacy is best handled. 

When developing the architecture of such hubs, it is vital to consider how to safely transfer data across varying platforms; including the cyber sphere. The question is, how can we ensure data will be protected across such a heterogeneous environment? 

Then, we need to think about testing connectivity. If data needs to be validated alongside certain security rules, there needs to be some sort of capability to validate such data. However, testers should not have access or visibility into the actual data itself if it is classified as sensitive or confidential.

With such data hubs, the rules are difficult to enforce if data is being requested from one country and received in another. The risk of human error and potential data leakage increases exponentially. 

Rather than reading about a breach in the headlines, it is paramount that preventative measures are put in place. This means that time, and budget has to be invested from the infancy of the project. 

There are technologies that exist in the market which are easy to implement, and designed to prevent this very type of exposure. This technology is called data masking, which deploys the tactics of data obfuscation, encryption and tokenisation. 

This is why it's important to obtain a solid data privacy model, implementing persistent and dynamic data masking options which can be easily and quickly deployed, without the need to develop code or modify the source or target application.

So, when developing your reference architecture for a data integration hub, be sure to use robust data governance policies - don’t wait for the headlines to include your company and someone’s personal data.