Complying with a plethora of overlapping privacy regulations is challenging enough in traditional RDBMS systems with multiple layers of security. Achieving this on fast moving dynamic data with Kafka requires a new approach. Confluent and SecuPi combine an event streaming platform with centrally managed, policy-based, Attribute Based Access Control (ABAC) and privacy compliant solution with data encryption and dynamic masking that enforces the same consistent data security rules, on-premises or in the Cloud.
Fully distributed, tightly integrated data protection applied as far upstream as possible in the data flow.
SecuPi overlays all of the required granular, fine-grained access controls, accountability and privacy compliance functionality without changing Producer, Consumer and ksqlDB processes.
SecuPi’s data protection capabilities provide the same functionality available for RDBMS platforms and applications on-premise or in the cloud.
Consistent, centrally managed, policy-based access controls are enforced end-to-end across the enterprise through a single pane of glass.
SecuPi runs on each Producer and Consumer processes as required without introducing a single point of failure or performance bottleneck. The most common integration method is through installing a single JAR file on each Producer and Consumer process. SecuPi then enforces the centrally managed policy (rules) for selective field level encryption, decryption or masking and provides a completely independent audit trail of all access to sensitive or regulated data. A second deployment option includes protection on the Consumers only, and a third option supports ksqlDB with the SecuPi Agent installed on each ksqlDB server.