Many businesses have struggled to remove privacy data from their applications thereby leaving these applications servers and databases exposed to privacy data. As such they still require all necessary security controls in these environments to meet data privacy compliance regulations. By replacing privacy data with tokens it is possible to remove data stores from the scope of privacy data security controls thereby significantly reducing the cost of compliance. However, to also take the applications themselves out of scope for privacy data security management then the privacy data has to be tokenized before the application layer.
DataDivider’s Interceptor can isolate a business’s application layers by providing its tokenization services either within an iFrame for ecommerce or within its Secure Browser for the contact centre/back office. As all brokering of privacy data with tokens can be managed within DataDivider’s Secure Cloud this precludes privacy data being exposed to businesses themselves thereby significantly reducing their privacy data security costs.
In order to minimize change costs within applications DataDivider’s Interceptor has the capability of injecting format preserved tokens directly into existing screens and thereby into the application’s data store. For all required communications of privacy data to third parties Interceptor can also broker this. Rather than communicating directly with the third party DataDivider’s Interceptor redirects the communication to DataDivider’s Secure Cloud which acts as a proxy for the third party. The re-directed API payload containing the privacy data tokens is then detokenized and redirected to the third party. The resultant message from the third party is then redirected back to the business. Interceptor together with the Secure Browser ensures that no privacy data is exposed to the business thereby reducing the cost and risk of privacy data compliance.
Interceptor’s ability to interact with the business’s application User Interface (UI) vastly reduces the cost of integration. Rather than having to open the patient for internal surgery no changes are required to application code. This not only eliminates the need for generally scarce resources it stops the necessity of application release testing and being included within the application release cycle. Roll out is deduced from months to days.