May 24, 2023

Engineering for Data Privacy: Navigating Infrastructure, Security, and Compliance with Skyflow's Roshmik Saha

Share In
How to Subscribe

In this episode Roshmik Saha, Head of Engineering at Skyflow, dives into the fascinating realm of data privacy and security solutions. Whether you're considering building your own privacy solution or seeking insights into the infrastructure requirements for handling credit card data securely, this episode has you covered.

One important aspect that often goes underestimated is the maintenance costs associated with data privacy solutions. Roshmik emphasizes the significance of factoring in long-term maintenance expenses, as these solutions require ongoing updates, monitoring, and enhancements to adapt to evolving threats and regulations. It's crucial to recognize that compliance is merely a baseline and that solely building for compliance may not offer state-of-the-art security. Roshmik shares his expertise on how to go beyond compliance and implement robust security measures to protect sensitive data effectively.

During the conversation, Roshmik highlights key considerations and features when building a data privacy solution to securely store and govern access to data. From encryption techniques and access control mechanisms to comprehensive auditing capabilities, he offers insights into the foundational elements required for a robust privacy solution. Additionally, he emphasizes the importance of incorporating state-of-the-art security technologies and features to reduce the risk of data breaches and potential reputational damage.

Scalability is another critical aspect to address when developing a data privacy solution. Roshmik sheds light on the challenges faced by engineering teams in ensuring that the solution can meet the needs of a growing organization. He discusses strategies for building a scalable architecture that can handle increasing data volumes, user demands, and operational complexities.

Throughout the episode, Roshmik provides practical advice and shares his thoughts on various topics, including the future of data privacy and security technologies. By drawing from his vast experience and expertise, you'll gain valuable insights into building a data privacy solution that not only meets regulatory requirements but also ensures resilience against cyber attacks.

Topics:

  • If I told you I was starting a B2C company and I was going to build my own privacy and security solution, what would your advice be
  • Considering just credit card data, what would I need from an infrastructure standpoint to securely store, handle, and process credit card data?
  • Beyond infrastructure costs, what other types of costs would I need to think through?
  • What are the types of features or technologies I’d need to build to meet existing privacy requirements but also reduce the risk that I end up in the news for a data breach?
  • What are the key considerations or features when building a data privacy solution to securely store data and govern access?
  • What’s the engineering cost to build and maintain these?
  • What kind of expertise does an engineering team require to build something that you think not only meets regulatory requirements, but also is resilient to cyber attacks?
  • What are the most important security measures that need to be put in place to protect data privacy?
  • How do you test and evaluate the effectiveness of the data privacy solution?
  • How do you ensure that the data privacy solution remains up-to-date with evolving data privacy regulations and best practices?
  • What are the biggest challenges that engineering teams face when building a data privacy solution?
  • How do you ensure that the data privacy solution is scalable to meet the needs of a growing organization?
  • Why do you think companies try to do this themselves?
  • How do you ensure that the Skyflow is resilient to cyber attacks and other security threats?
  • What advice would you give to other engineering teams building a data privacy solution for their organization?
  • Are there any future data privacy or security technologies you’re excited about?

Other Podcast

May 17, 2023

Canadian Data Privacy Regulations and History with nNovation's Constantine Karbaliotis

In this episode, Constantine Karbaliotis from nNovation, a certified privacy professional with a wealth of experience in the field of privacy and data protection joins the show. During our conversation, we explore the evolution of Canadian data privacy regulations, from their early beginnings to the current landscape, which is shaped by a range of federal and provincial laws.

May 10, 2023

Understanding SOC-2 Compliance and Achieving It with Skyflow's Daniel Wong

Daniel Wong, Head of Security and Compliance at Skyflow, joins the show to share his insights into SOC-2 compliance and the steps companies can take to achieve it. Throughout the interview, Daniel explains what SOC-2 compliance is, why it's important, and how it differs from other compliance standards.

May 3, 2023

Data Access Control with lakeFS's Adi Polak

Data access control is becoming increasingly important as more and more sensitive data is being stored and processed by businesses and organizations. In this episode, the VP of Developer Experience at lakeFS, Adi Polak, joins to help define data access control and give examples of sensitive data that requires access control.