Data Privacy
In the digital age, data plays a huge role in our everyday life and it has great value in every organization. Utilizing it safely and ensuring protection is the responsibility of the organization. Unfortunately, data breaches happen frequently causing risks to the organization to expose information. These data breaches have compromised the data of millions of people. Recently, Wattpad has exposed the data of almost 268.745.495 million records. There are many reasons for data exposure and can be avoided by following certain guidelines. Don’t encourage click baits which download malicious software and corrupt the security, create security awareness among the people working in an organization, the password complexity must be high and credentials must not be shared with anyone, use the updated software after vulnerability fixes and never give authorization to multiple users having multiple roles. Data privacy tools play an important role in protecting the PII, and it can be in different formats like JSON, XML, XSD files, etc. based on the organization’s needs.
How iEDPS protects different message formats:
iEDPS is one of the data privacy products in Infosys which is used to protect the data and has different functionalities like masking (encrypts data), discovery (identify sensitive fields), and data generation (generates data). It supports relational databases, cloud databases, file systems, legacy systems, and big data. It is an easy-to-use, data privacy protection that helps in automating data protection and privacy across an enterprise. With the help of the iEDPS, the user can protect/mask the sensitive fields in different message formats like XML, JSON, SWIFT, etc. iEDPS reads the SWIFT template file and generate data for template variables defined using 50 plus data generation techniques available with iEDPS.
Different Message formats
JSON
- JSON is a schema-less structure that consists of key-value pairs and lists. It is used for data exchange between two parties.
- Many web services use JSON because of its lightweight structure and easy transfer. So, relational databases and no SQL databases support JSON to store and export data.
XML – XSD
- XML (eXtensible Markup Language) was designed to store and transport data or PII in the form of XML tags
- Users can validate the XML files with the XSD external file. XSD file (XML Schema Definition) is a schema structure of an XML file that includes details of the XML tags and data types used.
SWIFT
- It is a messaging format used by financial organizations for transmitting instructions and information seamlessly, accurately, and securely through standard system codes.
- A Unicode (Bank identifier code or Swift code) is assigned to various financial institutions.
The PII can be stored in any of the message formats. It is the responsibility of every organization and individual to protect the data, it includes personal information, medical records, financial records, etc…
There are many ways to provide authentication and secure data:
- maintaining sessions
- adding JWT tokens etc.
JWT
JSON web token is one of the most popularly used authorizations in web applications. The goal of JWT is to transfer data securely between two communities. As HTTP request is a stateless protocol, JWT helps in achieving authorization by sending it as a part of every request.
Sessions
Authentication using sessions can be achieved by adding cookies as a part of the header. The response must be given only after the validation of session IDs.
Adding encrypted tokens or IDs as a part of the request and validating it by decryption is more secure. The process of encryption and decryption can be achieved by iEDPS.
Conclusion
In this digital age, security is the major thing to gain the trust of users. iEDPS helps in gaining the trust of the users. Here’s a video explaining iEDPS. More details about iEDPS and its product suite are available on the iEDPS Microsite.
Authors:- Jaini Charitha, Sankar S.