What is the infoSecur technology?
infoSecur isn’t a new technology, but a process using a common technology. It is a method and simple policy metadata repository that resides on your existing technology. It is architecturally sound in that way. It is elegant, i.e., simple and it just works.
Why is infoSecur special?
No other solution is as lightweight and performant. It uses the capabilities of the technology your organization already has. It is easy to implement, learn, and reasonable to manage.
There is no other layer or point in your data environment where you can achieve optimum reuse and consistency.
High productivity and low risk… You can have both!
What does infoSecur require?
- A curious and inquisitive team culture with management support.
- A relational database or similar technology that supports views and joins.
- Trusted identity of the end user at the data layer.
Can I wait? What's the best time to implement infoSecur?
Of course, starting early is best because you can architect the solution into your entire architecture: data model, database layer, software layer, reporting tools, etc.
Rhetorical question: It’s affordable and easy to implement, so why would you wait?
We’ve already implemented our data warehouse. Is it too late?
No, infoSecur can be added on to most any data platform. Depending on your data model, there may be some amount of re-engineering and re-modeling, but usually that is minimal.
Enter your text here...
Why not just secure my tables themselves?
First, there are too many of them. Second, requirements change and you need to react to change easily. Third, when you combine users, their roles, and the data, the permutations of security requirements grow exponentially and become unmanageable.
Can’t I just use filtering at the client or in the reporting tool?
You could, but that is not consistent. You are trusting that a team or teams of developers, reporting analysts, and users all implement the security rules in the same way and understand them sufficiently to be consistent and thorough. That is a dangerous assumption.
I provision data files for my users and it works. Why change?
First, it’s risky and untrustworthy. If humans are involved in building those data files, mistakes will be made and data will be inadvertently leaked. It’s just a matter of time.
Second, it’s not scalable. You would hope your data becomes more valuable and demands increase over time. As that progresses, the requirements become complex and the number of data sets (files) grows and the risk grows exponentially with each copy of data you make.
Third, it wastes everyone’s time – both inside your organization and for your customers/users/partners.
How does infoSecur perform?
Since it leverages the database technologies, which today are highly capable of query optimization, it seldom adds noticeable overhead. At worst, the overhead increase is usually within 5% linearly. Often the query performance actually improves because of the optimization inherent in the methodology.
Does it work with all data models?
Data Vault, Dimensional/Star-Schema, and 3rd Normal Form (3NF) are all optimal. Other models like tabular, graph, etc. can be made to accommodate, as can hyper-normalized models like Anchor or Focal.
Can I implement infoSecur in my analytic “cube”?
Can it extend to my source systems or transactional databases?
What Industries can it protect?
- Health Care HIPAA, Patient Privacy
- Global Manufacturing
- Hi Tech
- Trade Secrets
- Contractual Obligations
- FERPA, Student Privacy
- Information Classification
- Multi-Tenancy Client Protection
- Intellectual Property
What skills are required?
After initial setup, your DBA can completely back away. Developers with basic SQL skills can implement incremental enhancements with ease based on infoSecur’s patterns. Users need no new skills at all. Its strength is in its simplicity.
How many people need to manage it?
After a few days of initial setup and training, 1-3 analysts can easily manage policies for an entire data environment to be shared with even tens of thousands of diverse users. It is usually a part-time job.
This seems so simple. Why didn’t I think of this before?
"Everything should be made as simple as possible, but not simpler."
"Life is really simple, but we insist on making it complicated."
"The business schools reward difficult complex behavior more than simple behavior, but simple behavior is more effective."
"Simplicity is the ultimate sophistication."
"The ability to simplify means to eliminate the unnecessary so that the necessary may speak."
Henry Wadsworth Longfellow
"In character, in manner, in style, in all things, the supreme excellence is simplicity."
“The most difficult thing to achieve is to make something complex appear simple.”
"It is far more difficult to be simple than to be complicated; far more difficult to sacrifice skill and easy execution in the proper place, than to expand both indiscriminately."
James J. Corbett
"Only those who have patience to do simple things perfectly ever acquire the skill to do difficult things easily."
Do you have customer service?
Of course! Our friendly and knowledgeable customer services reps are available to answer your questions within 24-48 hours.