Security Management

The BDB team collaborates with the customer IT/Security team to finalize the Security Framework based on ownership of security layers. It can be broadly classified as internal (Infrastructure, Application & Data) & external (perimeter) layers. A responsibility matrix will be outlined to define what each team will manage, security incident management, reporting mechanism & escalation structure.

BDB Platform has plenty of in-built security components & range of security features to ensure deployment is safe and secure. The user will not experience loss or corruption of data throughout its lifecycle.

BDB Platform uses industry-standard encryption methodology to secure data-in-motion (data moved in the network) as well as data-at-rest (data stored in the Data platform repositories). Platform support granular levels of data encryption, such as file-level encryption, Format Preserving Encryption (FPE), or tokenization.

Admin can perform end-to-end encryption which enables encryption of all network traffic using TLS, with the flexibility to configure the minimum TLS protocol version, encryption for data at rest is automated using encrypted storage volumes. Enable automatic client-side field-level encryption to encrypt sensitive data before it leaves the application and land in the cloud area.

The platform has a built-in Data Loss Protection component within Data Pipeline which enables Masking, Hashing, Redaction & Date generalization.

Platform has the capability for setting up Multifactor Authentication with 3rd Party provider. Using a trusted authentication feature platform supports different types of authentication methods such as SAML, x.509, and other methods which do not have dedicated authentication plugins.

BDB Platform supports out-of-the-box capabilities to manage compliance concerning GDPR, SOX, and other regulatory requirements.

BDB Platform has a built-in Security module that allows the admin to manage data level security & access management.

Data Level Security

Data level security becomes crucial when a large part of the organization is involved. This feature provides the organization with a custom, scalable method of applying security across their entire user base & maintains data level security which lets users restrict data insights only to the desired audience. Admin can use in-built security module to achieve levels of data security based on

• Object Level Security

• Row-level security

• Data at rest are password protected inside DMZ.

Access Management

BDB Platform has a built-in Security module that allows the admin to configure user access based on different parameters. Outlined below are different parameters used by the admin to manage access management:

• User access based on company hierarchy level ( like region, country, state, etc… )

• User access based on department/division level ( like legal, finance, quality, IT, sales, etc…)

• User access based on roles ( like the designer, delivery manager, developer, QA, etc.. )

• User access based on modules ( like DS module, pipeline module, admin module, etc.. )

• User access based on rights ( like View, Add, Change, Delete, Publish, etc… )

• User access based on data set values ( like database, component, etc… )