IT in Manufacturing

How to adopt a data-centric approach to data security

April 2023 IT in Manufacturing

Gary Allemann.

There is no doubt that data protection regulations, like the Protection of Personal Information Act (PoPIA), are driving investment in data security. Typically, investments have included beefing up firewalls and other barriers to external threats; locking down the ability to extract data via devices such as memory sticks, and ensuring encryption of databases and hard drives. However, while these broad measures are important, they do not provide the level of protection required. This is because data privacy is context sensitive.

Sometimes, specific data is private, and in other contexts, it is not. That means that, to comply with PoPIA, a data-centric approach to data security must be applied that takes into account the purpose for which data is being used, and who is accessing it. So how do we adopt a data-centric approach to data security?

Data access must be restricted by purpose

In general, data privacy regulations such as PoPIA limit processing and access to data based on purpose. In short, data may only be accessed as required for a specific purpose. Blanket, all-or-nothing approaches such as encryption do not limit access based on specific roles. All users are either locked out, or have full access.

The General Data Protection Regulation (GDPR) requirement for a process register can be a great place to start. By linking business processes to roles, systems, and data, we can identify which roles require access to which data sets, and even to which attributes or rows of data. Using a data stewardship platform that makes it easy to identify and trace these relationships can speed up the process and make it easier to track.

Data classification processes need to consider purpose too. Generic classifications, such as PII or Restricted have limited value as they do not provide sufficient context for purpose-based security. Classification systems need to be more precise – for example, identifying telephone numbers, email addresses, names, and ID numbers. This allows data access policies to combine roles with the data that are required to support specific tasks.

Row and attribute

Fine-Grained Access Control (FGAC) combines roles with access to specific attributes. This is not enough. FGAC must also enable row-based filters. For example, data associated with children is treated as special data under PoPIA. A row-based policy could make all data for customers under 18 years old inaccessible, or we could restrict access to data based on location, or any other criteria. FGAC extends role-based access control to make access data-centric.

Future proof

As organisations increasingly embrace hybrid cloud, so the complexities of enforcing policies increase. It is very difficult to enforce policies if different technical implementations are required for each dataset, or each cloud provider. A single, centralised platform to manage data access policies on-premise and across various cloud platforms makes this easy, and protects against future changes in cloud provider.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Bringing brownfield plants back to life
Schneider Electric South Africa IT in Manufacturing
Today’s brownfield plants are typically characterised by outdated equipment and processes, and face challenges ranging from inefficient operations to safety hazards. However, all is not lost, as these plants stand to gain a lot from digitalisation and automation.

Control architecture leads to faster, easier product development for refrigeration
Opto Africa Automation Editor's Choice IT in Manufacturing
What’s the secret to providing superior service and staying competitive in a changing market? You might learn something from ALTA Refrigeration’s experience. Over ten years, it transformed itself from a custom engineering services company into a scalable industrial equipment manufacturer, using an edge-oriented control architecture to manage a growing installed base.

Comprehensive protection of the network against attacks
Phoenix Contact IT in Manufacturing
In recent years, the generation of data to create ever better transparency and control of production has become a decisive competitive factor. IIoT has also contributed to more manufacturing systems being connected to IT or cloud systems. This places higher demands on access security, which Phoenix Contact meets with the Secure Edge Box.

Embracing security as a core component of your technology
IT in Manufacturing
ABI Research recently undertook a comprehensive study to learn more about the product security assurance landscape from the perspective of enterprise customers, surveying 302 enterprise customers, and conducting in-depth interviews to complement the qualitative survey.

AI in manufacturing: a process engineer’s perspective
Editor's Choice IT in Manufacturing
The expert will tell you what to do, the philosopher will tell you why to do it, and the engineer will get on and actually do it. As the hype around AI intensifies, the number of ‘experts’ is increasing exponentially. In contrast, the number of engineers who actually know how to implement AI technology remains small.

Generative AI for immersive real-time visualisation
Siemens South Africa IT in Manufacturing
Siemens will deepen its collaboration with NVIDIA to help build the industrial metaverse.

Award-winning Gen AI solutions
IT in Manufacturing
Amazon Web Services recently hosted an exclusive event in South Africa on ‘Elevating Possibilities with Partners - a Showcase of GenAI Excellence’. This event brought together ten esteemed partners, including Synthesis Software Technologies, to highlight innovative advancements in the field of Generative AI.

AI is driving data centres to the edge
Schneider Electric South Africa IT in Manufacturing
The data centre has become the cornerstone that links our digitally interconnected world. At the same time, the rapid growth and application of AI and machine learning (ML) is shaping the design and operation of data centres.

Full-scale central control room simulator
Valmet Automation IT in Manufacturing
Valmet will deliver a full-scale central control room simulator to Nordic Ren-Gas, the leading Nordic green hydrogen and e-methane developer in Finland.

Re-imagining business operations with the power of AI
IT in Manufacturing
inq. has introduced a range of artificial intelligence solutions to assist organisations across industry verticals in optimising business operations and improving internal efficiencies.