Barely a month after SecurelyShare emerged as one of the winners of the NASSCOM Emerge 50 Awards 2020, there’s more good news for us! SecurelyShare has successfully cleared the second stage of the DSCI Cyber Security Grand Challenge, thereby qualifying for the final stage of the Challenge. The second stage – the Minimum Viable Product (MVP) Stage – showcased our MVP, through our patented platform, DSG Vault.
But first, how did we get here?
Are there any safeguards right now?
A brief about our patented DSG Vault platform
So, where does SecurelyShare come in here?
As the next step, SecurelyShare will build and offer data security software as a service to ensure rapid compliance by organisations to these regulations. A significant off-shoot of this service would be the provision of a secure environment that enables organisations to store, share and process Personal Information (PI) and Personal Identifiable Information (PII) data. The generally accepted definitions are that PI refers to data that can be linked with a consumer or a household, while PII refers to data that can be linked to a wholly unique identity.
Our vision is to cover all aspects of Privacy Management answering concerns of consent management, security, access, control, operations, maintenance, monitoring and auditing – through a unified platform. The platform becomes the foundation for privacy-enabled analytics, computing and sharing of the data.
For whom is this solution?
DSG Vault ensures that PII data remain anonymised and encrypted while being a subject of analytics, thereby preventing the risk of re-identification and consequent exposure of confidential information. We see great value in working alongside data management, analytics and infrastructure providers to on-board a wider variety of organisations in need of such a solution.
We built the MVP to demonstrate the core competencies of our platform and to meet the objectives of the DSCI Challenge. The MVP was particularly based on the data-sharing and privacy-enabled computing for the food delivery industry.
For the final stage of the competition, the MVP will be enhanced to handle multiple use cases across multiple industries. We will introduce connectors to multiple sources, an ability to dynamically select attributes, an ability to set attribute-based access controls and anonymisation, among other things. Our vision is to make the DSG Vault platform capable of handling any type of use cases in secure data analytics, privacy-enabled data sharing and data management. This will enable quick compliance to regulatory requirements through our final product offering, so it echoes these regulations as far as maintaining the integrity of data and data protection measures are concerned.
After all, as 2018 Global Chief Information Security Officer Of The Year Stéphane Nappo said, “It takes 20 years to build a reputation and a few minutes of cyber-incident to ruin it.”
India is well on the way to bringing in stringent regulation with regard to data security and privacy. In 2019, the Ministry of Electronics and Information Technology tabled the Personal Data Protection (PDP) Bill, 2019, which is expected to be enforced in early 2021.
So, what does the PDP Bill oversee? As it stands, the PDP Bill aims to provide safeguards to individuals’ personal data, thereby ensuring privacy. The PDP Bill also calls for regulation of flow and use of personal data with the objective of protecting the fundamental rights of individuals who are owners of such data. In addition, the PDP Bill seeks the establishment of a “Data Protection Authority of India” to oversee its implementation when it has been through the discussions leading to it becoming a Law.
The industry has witnessed tremendous disruption after GDPR and CCPA came into the picture, drastically changing how organisations handle data. These regulations are aggressive in the way they protect private information, and have strict compliance requirements, leading to organisations scrambling to achieve full compliance. The necessity for speedy compliance will likely be seen here in India too with the PDP Bill.
In short, the PDP Bill, like its European and US counterparts, looks to ensure individuals retain some autonomy on the data they provide organisations, so that organisations can only make use of the data they need for operation, while “anonymising” the source of the data.