Strategic & Management Consulting
Aleph Technologies has a strong expertise in technology domains such as database and big data, however, this expertise comes in pair with business experience over the years supporting projects and customers in a range of business domains such as Electricity & Utilities, Telco, Healthcare, Public Services, Media and Internet. It is therefore with confidence that we can advise our customers in the following areas :
Infracture Assessment & Evolution Advisory
How well the technology in place does support the business objectives ? How well does it age out ? How reliable is it under increasingly demanding business requirements ? It’s worth the money sticking with vendor X ? What if I migrate to solution Z ? We make an assessment of your existing data infrastructure and align it with your business objectives. We work together to establish a roadmap towards an infrastructure that better support your business objectives.
To do this, we help you get a view of your data landscape by identifying trends in volumes and KPI’s. With the right set of metrics we align with your business goals to make sure your infrastructure will be able to support them. We provide you with advise to upgrade your infrastructure and/or seek for technologies more apt for your future situation. We make an impact assessment of changes you’d require and help you estimate the risks involved.
As technology agnostics, we focus on your requirements and goals, not on particular vendors. We master propietary database technologies as well as open source ones and we know which kind of infrastructure works well with which workload.
Data Protection and Privacy Advisory
Are you ready for the EU General Data Protection Regulation going to be implemented quite soon, 25 May 2018 ? Have you identified sensitive data across your data infrastructure ? Have you identified potential data breaches ? Do you know how to implemente technical measures to comply with EU GDPR ? We help you comply with EU GDPR and avoid your company to face potentially high penalities in case of non-compliance.
We team with your as technical experts to implement technical solutions in order to get your compliant with GDPR.
Key GDPR Data Security Requirements
Risk Assessment
Security Risk Assessment: Controllers must carry on a Data Protection Impact Analysis on sensitive Personal Data and have to provide evidence that Personal Data is safe.
Attack Prevention
GDPR provides a number of techniques to prevent security attacks.
- Encryption: core technology to ensure data is not made accessible to unauthorized parties.
- Anonymization: complete obfuscation of data.
- Pseudonymization: minimize the linkability of data with the actual identity of data subjects.
- Data Minimization: data collection and retention must be minimized to the strictly necessary.
- Access Control: GDPR recommends measures at two levels, namely,
- Privileged users having access to Personal Data must be scrutinized to avoid breaches due to compromised accounts.
- Fine-grained access control to Personal Data ensures data is accessed only for a specific purpose and within a well-defined process.
Monitoring
GDPR not only imposes that all activities on Personal Data must be recorded, it also recommends a centralized audit management by the Controller officer. Moreover, alerting mechanisms must be in place to notify the controller in case of unusual activities on Personal Data.
How do we help you ?
We help on each of the areas discussed in the GDPR. Each of the task and techniques listed below require different tools and technologies depending on your actual infrastructure. We have extensive experience with the security features offered by the major players in the database and data platform ecosystem and we can help you with these concrete aspects.
Risk Assessment
- Personal Data identification
- Access, role and privilege analysis
- Security configuration analysis
Attack Prevention
- Encryption of data and data transfers
- Anonimyzation/Pseudonymization of Personal Data
- Personal Data Access Control
Monitoring
- Audit implementation and centralization
- Audit event notification implementation
Risk Management Advisory
Is your data at risk ? Is your data backup and recovery strategies in line with your business contingency plan ? Is your contingency plan sound and does it cope with new technologies added to your landscape ? Is your data leakable ? We can provide you witn an independant and expert advise on this important and often overlooked topic. Remember : your data is your most valuable asset, take good care of it.