You probably know the storyline: a mysterious Blob creature crashes to earth via a meteorite, and two teens (Steve McQueen & Aneta Corsaut) head out to investigate. Along the way they run into an elderly man who has a weird blob attached to his arm. They take him to the doctor’s office, and then go to find out what happened. From there, the Blob begins spreading through the town and eating everyone in its path.
The Blob, a horrifying monster from the 1950s sci-fi era, is much like its software namesake, the BLOB (Binary Large Object), which lives on today in modern digital services – albeit no longer binary.
Here are four compliance lessons I was reminded of while watching The Blob:
- Compliance fact #1: an enterprise has the same amount of risk associated with how it handles data it receives as it does for data it is sending. Blob fact #1: if you touch the Blob, you’ve got the Blob and there is no ‘do over’.
- Compliance fact #2: even if the enterprise really didn’t intend to receive the data, HIPAA and GDPR regulations require that the same diligent care be given to any sensitive data, no matter how it enters the enterprise. Blob fact #2: even if you didn’t intend to touch the Blob, once you’ve come in contact you’re exposed.
- Compliance fact #3: often when an application needs to access a single innocuous piece of data, a large complex data structure that holds the item is returned. Blob fact #3: the Blob may appear to be small as it creeps under the doorway, but don’t be fooled: the Blob is massive.
- Compliance fact #4: an application may log or otherwise save the BLOB data without ever realizing how sensitive the surrounding data is. This exposes the enterprise to risk that was not immediately apparent given the nature of the application or digital service. Blob fact #4: while the Blob starts off small and appears innocuous, once exposed to human contact it’s painful (its first victim is heard moaning ‘it hurts…it hurts’). From there the viewer is convinced and frightened of the risk.
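
Facts #3 and #4 in practice, as an added example (not part of the original post and not Trapize code): a caller wants one field but receives a whole record, so the record is scrubbed before it reaches a log. The field names, the SSN pattern, the HMAC-based tokens, the demo key and the sample record are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import json
import re

# Assumed classification rules; real ones come from your data classification policy.
SENSITIVE_KEYS = {"name", "ssn", "dob", "diagnosis", "email"}
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
TOKEN_KEY = b"constructed-demo-key"  # placeholder; load from a secret store in practice


def tokenize(value):
    """Swap a value for a keyed, non-reversible token so log lines stay correlatable."""
    digest = hmac.new(TOKEN_KEY, str(value).encode(), hashlib.sha256).hexdigest()
    return "tok_" + digest[:12]


def scrub(node, path="$", findings=None):
    """Return (sanitized copy, JSON paths where sensitive data was found)."""
    if findings is None:
        findings = []
    if isinstance(node, dict):
        clean = {}
        for key, value in node.items():
            child = f"{path}.{key}"
            if key.lower() in SENSITIVE_KEYS:
                findings.append(child)          # sensitive by field name
                clean[key] = tokenize(value)
            else:
                clean[key], _ = scrub(value, child, findings)
        return clean, findings
    if isinstance(node, list):
        return [scrub(v, f"{path}[{i}]", findings)[0] for i, v in enumerate(node)], findings
    if isinstance(node, str) and SSN_RE.search(node):
        findings.append(path)                   # sensitive by content, e.g. free-text notes
        return SSN_RE.sub("[REDACTED-SSN]", node), findings
    return node, findings


# Constructed sample: the application only needed "next_appointment".
BLOB = {
    "next_appointment": "2024-05-01T09:30",
    "patient": {"name": "A. Example", "ssn": "000-12-3456", "dob": "1958-09-12"},
    "notes": ["Called re: billing, SSN 000-12-3456 confirmed"],
}

if __name__ == "__main__":
    safe, hits = scrub(BLOB)
    print(json.dumps(safe, indent=2))           # what is safe to log
    print("sensitive paths:", hits)             # what an alert could be raised on
```

The list of paths is the part worth alerting on: it shows that a request for an appointment time carried four sensitive elements with it.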
Don’t be like the townsfolk: heed the lessons of this movie and don’t overlook compliance when handling data.
The Trapize Digital Service Broker high-performance proxy provides visibility into all data that crosses the enterprise boundary. All elements of the BLOB are inspected, tokenized and optionally redacted. Alerts and alarms can be attached to sensitive data that crosses the enterprise boundary in either direction so we can warn the townsfolk (I mean enterprise).
Think of Trapize as your digital “Steve McQueen” who helps protect your data, before it’s too late, from the risks and exposures you might not believe in.