July 21, 2021
Solving Customer Data Privacy Challenges: Introducing the PII Data Privacy Vault
We’re excited today to announce Skyflow’s new PII Data Privacy Vault. This new vault, delivered via our API, makes it easy for any app or workflow to safely and properly handle highly sensitive personally identifiable information (PII) (i.e., customer data). With Skyflow’s PII Vault, developers can quickly solve the difficult problems inherent to PII data--including regulatory compliance, data security, data governance, data residency, secure data sharing, and more--freeing them to innovate on features and UX.
PII Challenges Today
Today’s businesses run on PII: mundane but highly sensitive privacy data types like names, addresses, dates of birth, phone numbers, social security numbers, and more. But this customer data is also highly regulated and at high risk of being breached by bad actors or by accident, so it must be carefully protected. The challenge is how to do both: use sensitive data appropriately in apps and workflows while ensuring the data stays private and secure.
The best opportunity to solve this problem has “shifted left” from security teams to earlier in the process. Today it sits with the builders--the CTOs, R&D teams, and software developers who can build-in data security and privacy at the foundations. We built the Skyflow PII Vault for them.
One Vault, Many Solutions
Building your app with a zero trust data privacy vault can save you from the cost and complexity of separate solutions for compliance, data residency, governance, and more. By using Skyflow to handle PII security and privacy at the foundation, you build in isolation, encryption, and a robust access control system at the data layer. Because Skyflow is PCI, HIPAA, and SOC 2 compliant, you also build from a baseline of compliance. Data privacy vaults can be in virtual private clouds (VPCs) anywhere in the world, making data residency challenges easier to solve. Built-in logging, audibility, and data provenance support your regulatory, planning, and investigative needs.
Best-of-Breed Data Security
Companies that have built their reputations on customer privacy, like Apple and Netflix, rely on zero trust data vaults for handling PII data. Skyflow’s PII Data Privacy Vault delivers the same approach as an easy-to-use API. Data is fully encrypted using our unique polymorphic encryption techniques, and can be used internally or externally as a token. Our powerful new Governance Engine allows you to build fine-grained and detailed access control policies around data usage and sharing. And each vault runs in its own virtual private cloud, ensuring it is isolated and protected.
PII-Ready Schema and Workflow Aware Architecture
The Skyflow PII Vault is designed specifically for PII data and PII workflows. The majority of PII data types are pre-built into the schema (but custom types are easy to create), and the majority of the actions tied to data types have been anticipated. For example, a phone number follows a standard format, and there are a certain number of obvious things you can do with it, like use only country code and area code for data analysis, use last 4 digits as a secondary identifier, or use the whole number to connect to a communications API like Twilio. Because Skyflow is workflow aware, these things, and others like them--ecosystem integrations, secure data sharing, secure cloud functions--are easy to do securely.