Watch our tech talk with AWS experts, "Data Residency 101: How to Scale for Global SaaS Growth", to discover innovative solutions for navigating data residency laws, including the data privacy vault. Learn how to expand globally while ensuring compliance with regulations like GDPR and PIPL.

Watch Now

Resources

Resource Library

Blog

How to Protect, Secure, and Use Unstructured Data

You Might Also Be Interested In:

Ashley Jose

Product Manager

October 11, 2023

Skyflow and Mulesoft’s Partnership Enables Data Privacy in Integrations

Today we announced the release of a new MuleSoft Certified Connector for Skyflow on MuleSoft’s Anypoint Exchange and joined the MuleSoft Technology Partner Program. With this connector, MuleSoft customers can leverage Skyflow to ensure data privacy, security, and compliance as they integrate PII data flows with MuleSoft.

Many companies use MuleSoft Gateway to integrate and manage the data flows between various services, including SaaS applications, cloud infrastructure, and databases. And sometimes these data flows include sensitive customer data: PII, PCI, and PHI. With the new Skyflow Connector, you can now use Skyflow’s Data Privacy Vault to ensure the privacy and security of sensitive data, and meet regulatory compliance standards, while accelerating time to market.

Skyflow’s approach to isolating, protecting, and governing sensitive data was inspired by the data vaults that companies like Apple and Netflix built to handle their customers’ sensitive data. With Skyflow, you can centralize and protect sensitive data so that it’s easy to achieve and maintain compliance with laws and standards like HIPAA, PCI, GDPR, CCPA, and SOC2.

Your security team can own and manage the encryption keys for all of the data stored in your Skyflow vault (BYOK, or bring your own key), giving you additional control over your data. Skyflow’s globally distributed vaults also make it easy to store regulated data in a specific geolocation, so you can meet data residency requirements implied or required by many privacy laws, including GPDR.

Skyflow Adds Privacy to MuleSoft Gateway

Skyflow Connector provides a connection between MuleSoft API Gateway and your Skyflow Data Privacy Vault. With the MuleSoft Gateway and Skyflow Connector, you can:

Protect the Privacy of Sensitive Data: When sensitive data passes through the MuleSoft Gateway, Skyflow protects the privacy of that data by isolating, encrypting, and centralizing it in your Data Privacy Vault. Your backend systems store tokens instead of sensitive data. To detokenize sensitive data, your backend provides those tokens to Skyflow, which confirms that your request meets strict zero trust access controls before detokenizing and returning the requested data. Skyflow further protects your data by using polymorphic encryption to let teams run workflows, logic, and analytics on fully encrypted data.
Achieve Faster Compliance and Accelerate Go-To-Market: Extract PCI, PHI, and PII data passing through MuleSoft Gateway and store it in a Data Privacy Vault to ease compliance with laws and standards like PCI and HIPAA. This approach leaves your backend systems free of sensitive data, reducing your compliance scope so you can ship products faster.
Ensure Data Residency: With Skyflow, PII, PCI, and PHI are stored in zero trust vaults that you can restrict to specific geolocations to meet data residency requirements from GDPR, DCIA, LGPD, PDPA, and other laws.
Manage and Audit Sensitive Data Access: Manage access to sensitive data using the fine-grained access controls included in Skyflow’s Data Governance Engine. Then, use Skyflow’s Audit API to audit data access so you can easily demonstrate compliance with data privacy and data residency requirements. ‍
Securely Share Data without Handling It: Send PCI, PHI, or PII data to a third-party service for processing while remaining compliant with stringent regulatory requirements like PCI DSS using Skyflow Connections.

*Skyflow Connector on MuleSoft Anypoint Exchange*

Skyflow Connector lets you reduce the time spent on complicated integrations and eliminate the need to build data privacy infrastructure in-house. Also, by using Skyflow Connector, you can save yourself and your development team the need to spend time learning to use a new API. With Anypoint Studio’s drag and drop features, you can build a simple integration with Skyflow in a matter of minutes.

Use Skyflow Connector to Intercept and Isolate PII

Let’s say that you work for a diagnostics testing company that collects PII data and uses MuleSoft as the middleware through which all of your data flows. To isolate and secure this sensitive data, you can now natively integrate Skyflow with MuleSoft so that all sensitive data that flows through MuleSoft Gateway is tokenized and securely stored in your Skyflow Vault. The following diagram shows how this solution would work:

*Using MuleSoft Gateway and Skyflow Connector*

The workflow looks like this:

PII Added to Frontend: An end-user using a diagnostic test from home enters PII into a frontend app that’s integrated with MuleSoft Gateway.
MuleSoft Gateway Routes PII: MuleSoft Gateway and Skyflow Connector identify PII data using pre-defined mappings and route that PII to Skyflow for tokenization.
Skyflow Stores PII, Returns Tokens: Skyflow receives the request and securely stores the sensitive data in your Data Privacy Vault in the appropriate field. Then it returns tokens that reference sensitive data to MuleSoft Gateway for storage in your backend service.
Tokens Stored in Backend Microservices: Instead of PII, your backend microservices only store tokenized data. They can retrieve sensitive data for an authorized use case subject to zero trust data access policies you create in Skyflow.

Use Skyflow Connector to Ensure Data Residency Compliance

Let’s assume that the diagnostics company described above has an app that’s deployed to the EU and US, with some region-specific configuration that occurs during installation. Your company needs to ensure that PII collected from EU residents stays in the EU and PII collected from US residents stays in the US to meet various data residency requirements. The following diagram illustrates how this data residency solution works:

*Apps in Multiple Markets Use MuleSoft and Skyflow to Ensure Data Residency*

To meet data residency requirements for the sensitive PII that you’re collecting, the first step is to deploy Skyflow vaults in multiple geolocations, in this case in the EU and in the US. Your Mule app running in MuleSoft Gateway can then use multiple Skyflow Connector instances to store PII where it belongs, in a Data Privacy Vault that shares the same geolocation as the customer.

Conclusion

Skyflow’s pioneering approach to data security ensures optimal privacy, fast performance, and high levels of usability. Using Skyflow in your MuleSoft API integrations helps you ensure the privacy of sensitive data and easily achieve and maintain compliance, so you can focus on your core products and reduce your time to market.

And because integrating Skyflow’s Data Privacy Vault into new or existing apps is as easy as using any other MuleSoft Connector, as a Mule app developer you don’t need to learn a new tool or API to ensure the privacy of sensitive data.

To start building apps that provide best-of-breed data privacy, contact us to try Skyflow and install the Skyflow Connector from Anypoint Exchange.

May 17, 2022

AUTHORS

with the contribution of