By Laura Case, InfoWorld |Emerging tech dissected by technologistsFor years, data teams worked with simple data pipelines. These generally consisted of a few applications or data feeds that converged into a standard extract, transform, and load (ETL) tool that fed data into a centralized data warehouse. From that warehouse, data was sent to a set number of places, like a reporting tool or spreadsheets. As a result, data protection was relatively straightforward. There simply was not as much data to protect, and the locations of the data were limited.But there were definite drawbacks to this “simpler” time, like unchecked data access. It was much easier for those who shouldn’t see data, like database administrators (DBA) and data warehouse teams, to access it in cleartext. Further, few regulations covered how to protect that data.Today, things are much different, especially for companies in regulated industries like financial services and healthcare. Government regulations, like the General Data Protection Regulation (GDPR) in the EU, the California Privacy Rights Act (CPRA), and the many other data privacy laws in the US, make data security a concern for nearly every organization. Data is an organization’s most valuable non-human asset, and compliance mandates outline strict guidelines for how companies must protect regulated data wherever it goes.According to Gartner, the data of 75% of the world’s population will be covered by modern privacy regulations by the end of 2024. But even as more companies become subject to these compliance mandates, 55% of sensitive data in the cloud is not protected by Encryption, and only 45% is encrypted. Those are alarming numbers, considering the fines organizations face for not encrypting data.Why do companies leave data unencrypted? One reason is that data teams need to perform operational and analytical computations on the data, but simple encryption does not allow these types of operations. Something as simple as sorting data is impossible when it’s encrypted. Many data teams need cleartext access to run valuable data computations, which can be a compliance issue.Data teams also face data sprawl. Not only is data being generated in more places than ever before, but it is being used in more places. Modern teams use a variety of tools—SQL and NoSQL databases, warehouses and data lakes, streaming platforms, Tableau, Power BI, APIs, etc.—to transport, integrate, query, analyze, visualize, and prepare data for other data consumers, leading to more places data needs to be protected.A single column of Social Security numbers in a database may have to be protected in hundreds—even thousands—of ways. Continuous compliance is a near-impossibility without data-centric protection.While many excellent data protection solutions are available on the market, each has shortcomings that prevent teams from maintaining compliance while extracting maximum ROI from data.Baffle Advanced Encryption was designed to overcome the last barriers to adopting encryption for analytics. It provides data-centric protection without the use of special hardware. It supports any and all operations on encrypted data while maintaining high performance. Its role-based access control reduces the number of people with access to cleartext data, ensuring that you comply with all compliance regulations.Baffle Advanced Encryption is an enterprise-level, transparent data security platform that secures databases via a “no code” model at the field or file level. Baffle provides a set of privacy-enhanced technologies that enable analytical and operational computations on protected, regulated data.Data teams use the Baffle Manager to create a proxy called Baffle Shield that protects data. Baffle Advanced Encryption is a PostgreSQL database plug-in (or extension) that supports all encrypted data operations. Baffle protects data exiting the data source, such as reports, spreadsheets, exported datasets, and SQL queries.Baffle Advanced Encryption offers role-based access control to determine who has cleartext access. No one can see data in cleartext—not even DBAs, depending on your access controls. Also, Baffle requires no application changes, and the solution integrates with key management systems, so organizations own all encryption keys, adding a further layer of security.Here’s a more detailed look at how Baffle Advanced Encryption works:No matter how it is used, data is always encrypted, allowing organizations to perform computations and share the results within and outside the organization without compromising performance or incurring the risk of non-compliance. This means you can perform business-critical functions without putting the company or consumer at risk.Unlike other privacy-enhanced computation technologies, Baffle Advanced Encryption is a software-based approach to confidential computing, representing a pragmatic balance among security, speed of deployment, flexibility, and cost. It is a modular, easy-to-implement solution that does not require application code changes.Further, Baffle Advanced Encryption fits into more extensive data security programs in the following ways:As organizations strive to take advantage of data analytics, data sharing, and AI, they must do so in a manner that protects consumer data. Having data-centric tools that protect data in the many ways they use the data is paramount to maintaining market differentiation. Baffle Advanced Encryption offers unlimited data usage while reducing the risk of non-compliance.Laura Case is director of product management at Baffle.—New Tech Forum provides a venue for technology leaders—including vendors and other outside contributors—to explore and discuss emerging enterprise technology in unprecedented depth and breadth. The selection is subjective, based on our pick of the technologies we believe to be important and of greatest interest to InfoWorld readers. InfoWorld does not accept marketing collateral for publication and reserves the right to edit all contributed content. Send all inquiries to [email protected] read this:Copyright © 2023 IDG Communications, Inc.Copyright © 2023 IDG Communications, Inc.