Businesses have seen an explosion in the number of SaaS solutions and cloud-based apps they use. This has led to an increasing number of applications that access and process your customers’ data. While these applications create value, they also expose your sensitive data to multiple threat vectors. This forces businesses to choose between locking down sensitive data to maintain privacy and security and leveraging it to drive business innovation and growth.
Skyflow’s data security and privacy platform enables businesses to secure their sensitive data and harness business growth. We enable this with our isolate, protect, and harness approach.
Skyflow enables businesses to isolate, protect and harness their sensitive data without compromising security or privacy.
The Skyflow platform organizes sensitive data in a central infrastructure and protects it using a zero-trust architecture, strong encryption and full regulatory compliance.
Skyflow vaults have sophisticated privacy-preserving mechanisms that incorporate polymorphic encryption and de-identification. Furthermore, data is never decrypted - even while it’s processed in memory. Access to this data is controlled through dynamic, fine-grained policies.
Skyflow enables companies to leverage the power of sensitive data for use cases such as multi-party data-sharing, federated machine learning, and analysis to drive business growth.
Security and privacy can be hard. Skyflow aims to make it quick and easy with its developer-friendly API platform.
At the heart of the platform are Skyflow’s secure data vaults. Vaults use sophisticated privacy technology to keep your data secure and private. Enterprise-grade governance tools, including policy-based controls and audit logging, grant access to data in vaults. These tools are delivered through Skyflow’s simple REST APIs and the Skyflow Studio UI.
Isolated, highly distributed, and highly available vaults store sensitive data. Skyflow vaults keep data encrypted at rest, in transit, and in-memory while being processed. This constant encryption dramatically improves business security posture, as a significant number of data breaches happen on in-memory data. On top of strong encryption, Skyflow vaults incorporate several privacy-preserving technologies to protect sensitive data. See the next section on Privacy Preservation for details.
A vault comes with a set of predefined tables and fields based on common use cases. For example, here’s a schema for predefined Customer Identity Vault, used to store sensitive customer data:
Every field in the vault has an associated Privacy Data Type that defines the sensitivity level of data. Learn more in the Privacy Data Types section. Currently, two kinds of vaults are available, a Customer Identity Vault to store customer data and a Payments Vault to store credit card related data.
Access control and observability for data are two foundational principles that support privacy preservation. Each table in a Skyflow vault has corresponding audit logs that record all events. Logs are aggregated and reported in analysis, audit and metrics dashboards.
Skyflow has a Role-Based Access Control model in addition to the Policy-Based Access Control model. The well known and well understood RBAC provides easy access control to stakeholders based on roles and privileges. For more information, see Setting up your organization with Skyflow.
Skyflow is an API-first platform. All the platform’s functionality can be leveraged through our simple REST APIs. Additionally, key use cases such as account administration and data access can also be accomplished through Skyflow Studio, our cloud-based UI.
REST APIs Highly available, well-documented REST APIs allow all manner of vaults and data access, along with some account and workspace management functions. See Get Started with Skyflow for a tutorial on how to start using the API, or see the API reference.
Skyflow Studio lets you explore data and manage your account with a simple, intuitive UI. The Vault Browser (shown below), can be used to access data:
Clicking ‘Blocks’ on the left hand side reveals the SQL workbench, where you can run queries on data stored in the vault, as shown below: