Client Success: Manufacturer Gets Row-Level Control of IoT Data for Compliance

his story is part of our client success series. It showcases Fortune 100 and 500 customers across various industries that turned to Privacera to solve their tough data security, access, and governance challenges. Check out all the stories in this series. 

With a diversified portfolio, this technology and manufacturing company addresses some of today’s most critical energy, safety, security, air travel, productivity, and global urbanization challenges. It combines physical products and software to serve customers in aerospace, energy, chemicals, electronics and materials, and refining and petrochemicals. It also develops sensor, safety, and security technologies for buildings. 

As part of its digital transformation program, the company’s aerospace and equipment division needed to migrate data to Microsoft Azure. At the same time, the company needed a way to automate tagging of sensitive data to enable data discovery, access control, policy management, data encryption and masking. See how turning to Privacera sealed the deal in ensuring the company’s data governance needs for compliance and data privacy with fine-grained access controls.

Business Risks

Given its mix of businesses, cybersecurity is critical to the company’s enterprise risk management program. The potential for cybersecurity risks drive the company’s need to protect access to confidential or sensitive data, including proprietary business information, personal data, or other information that is subject to privacy and security laws, regulations, and customer-imposed controls. 

European laws require this company to have an approved legal mechanism to transfer personal data out of Europe. The European Union General Data Protection Regulation (GDPR) imposes stringent requirements for how it collects and processes personal data and issues significant penalties for noncompliance. Several states and countries have also passed laws requiring personal data relating to their residents or citizens to be maintained on local servers with additional data transfer restrictions. Government enforcement actions are not only costly but can interrupt regular business operations. 

Mandated standards require increasingly robust cybersecurity protection that means implementing thorough comprehensive measures to deter, prevent, detect, respond to, and mitigate threats. Its IT teams worked diligently to keep up with cybersecurity laws and regulatory compliance. Amidst an ever-changing threat landscape, the company deployed identity and access controls, data protection, vulnerability assessments, and continuous monitoring of IT networks and systems.

Business Issues

Historically, this company relied on manual tagging of sensitive data. Data access policy management was done person-by-person, and native enforcement tools could not encrypt data, which led to unprotected data and additional data risks. Additionally, it could only manage data access and security policies via each system’s native enforcement mechanisms, leading to data silos and inconsistent application of policies. 

The company’s cybersecurity solutions team spearheaded the search for a solution to automate sensitive data discovery, access control, and policy management, as well as for encryption and masking for Databricks and Snowflake. 

At the same time, as part of its digital transformation program, the company’s aerospace and equipment division needed to migrate its cloud data to Microsoft Azure. In support of this initiative, It needed the company to address data governance with a focus on data privacy and compliance.

Like other aerospace organizations, the division had aspirations of building an industrial information of things (IoT) data marketplace. Because manufacturing and equipment performance data are highly sensitive, it needed to manage its proprietary intellectual property securely. Facing different regulatory compliance requirements, the cybersecurity solutions team led the effort to implement a governance solution.

Solution

For this company, the deciding factor in selecting a solution was Privacera’s ability to scan large amounts of data to identify sensitive data and then govern access to that data. With Privacera, the customer enforced row-level control of IoT data to ensure compliance commitments across multiple sets of customer data. 

The company can automatically discover sensitive data, control its access, and document and manage policies. Also of great importance to this customer is the ability to encrypt and mask data for Databricks and Snowflake. 

No matter how unique your data ecosystem, products, and processes are, Privacera can help future-proof your data security, access, and governance for greater scalability, connectivity, and competitive opportunities.For expert guidance on key aspects of unified data security governance, get your complimentary copy of the Gartner Hype Cycle for Data Security, 2023, where Privacera is named a Sample Vendor for Data Security Platforms (DSPs). Get your free report here.