Voltage SecureData Enterprise processes over 12 billion events daily and enables secure data sharing through comprehensive data-centric security without impacting performance

Products and services

OpenText™ Data Privacy & Protection Foundation（Voltage）

Outcomes

Secure over 6 million retail transactions per day including orders and invoices
Protect over 7 million cloud-hosted customer loyalty records
High performance with 12+ billion daily events processed through Google BigQuery
Vastly improved ability to collaborate with marketing partners
Leaner supply chain through sophisticated data analytics
Enhanced risk and governance position, including GDPR compliance

Challenge

Protect high volumes of data and help gain insights to accelerate data science initiatives while maintaining privacy.

Details

Data-centric security vs. siloed approach

Sensitive data flows between applications, the network layer, databases, file systems, and data center storage systems. Although the data is secured at each of these levels, there are inevitable security gaps between the different layers, as data moves around the infrastructure.

A project manager for the organization’s CISO office explains the issue: “Although within the layers all data was encrypted, we still worried about data breach and data leakage risks through security gaps that hadn’t necessarily been identified or anticipated. Our layered approach was also expensive, as each layer needed its own security solution requiring its own expertise, making resourcing complex. With an enterprise-wide move away from an outsourced infrastructure and towards the cloud, we needed the peace of mind of comprehensive data security that enables us to move data between different environments without the risk of exposing sensitive data while also being able to scale efficiently. We felt that transforming our security model to a data-centric approach would solve these issues without impacting performance or customer experience.”

Voltage: ‘privacy by default’

Unlike point solutions that require system-based security integration, data-centric security enables trusted data to move between untrusted environments. It allows full data security and secure data sharing as data moves from storage to in-flight to in use within applications, remaining entirely usable in its protected form. After evaluating several market options, the organization moved forward with Voltage SecureData Enterprise to drive business value thanks to its proven scalability and ease of use compared with other solutions on the market. Making ‘privacy by default’ central to the organization’s security architecture means that data stays fully protected from the moment it enters the system. The data format and integrity, including validation rules, are respected with Voltage’s Format-Preserving Encryption (FPE). This not only significantly reduces the risk of compromised data, but it also leads to more timely project delivery, as potential security gaps were highlighted and accounted for before they could become showstoppers.

By leveraging Voltage FPE, partial or full fields are encrypted but the fields remain the same size and format and can be accessed only by people and applications to whom prior authorization has been given. The project manager comments on the importance of this: “We have over seven million cloud-hosted customer loyalty records, each one containing up to ten encrypted fields. We also process on average six million retail transactions a day, and on busy days we process double that amount. Voltage FPE supports virtually any data type in any format, and no database schema updates are required to preserve usability and referential integrity for data processes and applications.”

On average, we onboard a new application into Voltage SecureData Enterprise every other week. We encrypt data by default so that it is only ever exposed when really required. This gives us a much better risk and compliance position.

Project Manager
CISO office, Major Retailer

Effective cybersecurity partnership with Google Cloud

The retailer signed a strategic partnership with Google to move its entire application estate onto Google Cloud. The team was delighted to discover that OpenText partners with Google Cloud so that joint customers can use Voltage FPE, hashing, and tokenization services within BigQuery, Google Cloud’s highly scalable multi-cloud data warehouse. This is designed for business agility, allowing customers to gain insights with real-time and predictive analytics. The retailer’s analytics platform, along with its campaign management platform, was migrated to Google BigQuery. This led to an explosion in usage volumes for Voltage SecureData Enterprise, and the platform currently processes over 12 billion events every day. As this customer consumption data lake can be securely shared with external parties, this has made the organization a prime partner for third parties to engage with for innovative digital marketing campaigns in the retail sector.

“All our Voltage-protected consumer data flows into BigQuery where our marketing teams have easy data access to target their marketing campaigns with precise customer profiling,” comments the project manager. “We also leverage BigQuery for automated consumption data analysis to support our ordering process and supply chain management. The enhanced data is used to secure better margins on supplier pricing and allows us to operate a leaner supply chain than our competitors. This first-mover advantage is proving very helpful in multiple markets where we see the competition scrambling to catch up with us.”

The cloud-native integration between Voltage SecureData Enterprise and BigQuery means that the responsibility of data security can be delegated to the application owners and the data scientists. They have the experience of understanding which data might need to be decrypted and how to manage that process securely while still adhering to GDPR requirements. Business analysts enjoy working with Voltage SecureData Enterprise as the data is protected throughout its lifecycle, while integrating with a broad range of environments, clients, and platforms.

The full move to the cloud gives the organization more elasticity and the opportunity to be entirely data-driven. In its brick-and-mortar stores, this streamlines stock and supply chain management, while the digital channels benefit from the speed and agility with which they can adapt and work with innovative third-party companies.

Fast time to market while fully GDPR-compliant

Fast time to market is everything, and service delivery improvement is a key success factor for the organization. The project manager recalls a recent scenario in which having ‘security by design’ at the heart of the IT architecture proved invaluable: “Our marketing department came up with a great idea to engage our loyalty card holders through a collaboration with an innovative gaming company. We would gain valuable extra insights into our customers’ preferences, while they could have some fun. Normally, we would need to fully understand how an application works and how it manages sensitive data, including data flows. However, the Voltage SecureData Enterprise foundation we have in place makes it easy for us to provide essentially subscription-based access to our protected data, often to start-up companies that are very agile but may not have data security at their forefront. Because we keep control of any data access, we can speed up the global process while complying fully with GDPR and other relevant data privacy regulations. We accelerate our business and maintain the same level of performance, but in a fully secure manner.”

Another recent example was when the organization teamed up with a third-party food delivery service. The retailers’ loyalty card customers are eligible for targeted promo codes, and because all data is encrypted by default on the retailer’s side and can safely be shared, the amount of data and the level of sensitivity really doesn’t matter anymore. “A partnership deal of this size would have taken at least nine months in contract negotiations to ensure that our data privacy is ensured,” says the project manager. “With the benefit of our Voltage SecureData Enterprise security, however, the deal took just three weeks to complete. This business agility gives us an invaluable first-mover advantage in a fast-changing industry.”

All our Voltage-protected consumer data flows into BigQuery where our marketing teams have easy data access to target their marketing campaigns with precise customer profiling. We also leverage BigQuery for automated consumption data analysis to support our ordering process and supply chain management.

Project Manager
CISO office, Major Retailer

Huge data load safely moved to the cloud while improving team collaboration

The project manager can see clear benefits: “As a result of implementing Voltage SecureData Enterprise in a data-centric security model, we are more agile and can respond much faster to ever-changing business requirements. On average, we onboard a new application into Voltage every other week. We encrypt data by default so that it is only ever exposed when really required. This gives us a much better risk and compliance position.”