Accessing performance data on Amazon Marketplace takes anywhere from 20 to 25 clicks, and it’s only available for one year. That means that any analysis of year-over-year performance often happens manually in Excel spreadsheets. It’s a very cumbersome process for wholesalers looking to analyze sales on Amazon.
The software offered by Retail Data Partners, however, automatically collects that data and saves it to a customizable dashboard where wholesalers can easily review performance data over time. But to access sales data, Retail Data Partners needs access to its clients’ Amazon login credentials.
As part of their annual threat modeling exercises, Retail Data Partners identified two areas for improvement as it relates to data protection:
Secure storage of sensitive customer data and login information: Up until recently, highly sensitive login information was secured using a variety of security best practices and stored in a database with transparent data encryption enabled and key management provided by a cloud Key Management Service (KMS) provider. Despite applying best practices, the team knew that if a malicious threat actor gained access to their cloud or database admin credentials, they could ultimately get to the sensitive data with relative ease.
Enabling customers to control the encryption of their stored data: The company has customers across the globe, and many within countries with very strict data privacy and residency requirements (e.g., GDPR). A frequent customer request was for data to be stored in-country or in-region – a fair, yet non-trivial request for a SaaS company. However, one of the ways to comply with these types of regulations is to provide the end user customer full control of the encryption and decryption keys used to secure their data. This inspired the team to begin exploring bring-your-own encryption (BYOE), which enables an end user customer to retain full control of the encryption keys of data stored in a cloud provider’s environment.
The not-so-secret shortcomings of database encryption
Most database encryption solutions are designed upon a central implicit trust model, which essentially means that the database trusts that administrators and key processes have no malicious intent, and therefore allows them to access cleartext data. The encryption is “transparent,” by design. While the technical team at Retail Data Partners needed access to the database for administration purposes, there was no business case for access to sensitive data, which in their case meant customer login information and transaction data. This becomes an issue if you’re faced with an insider threat or external attacker, and it wasn’t a risk Retail Data Partners was willing to take.
Encrypting data at the database level — a common practice amongst some of the most regulated industries in the world, despite its obvious gaps — also brought up another concern. In the case of a data breach, customer login information could be accessed and stolen fairly easily.
Leveling up with third-party expertise
Retail Data Partners runs a healthy tech debt process and annual threat modeling exercises, and is continually looking for ways to simplify and improve processes for complex code. Because the encryption code was difficult to maintain and the team knew database encryption had major weaknesses, finding a better encryption solution had been on their list for some time.
The team started researching solutions, looking extensively into native database encryption solutions as well as Amazon Web Services tooling, but neither offered options that would meet their requirements and mitigate the risks they and their customers were most concerned with.
They then began to research application-layer encryption approaches and came across Ubiq. After a bit of discovery, they were optimistic about Ubiq for 3 key reasons:
- It had the potential to address both of their use cases
- It’s an API-based application-layer encryption solution with integrated key management
- It appeared to be developer friendly, and very easy to use and integrate
After a two-week POC, the team was able to validate their assumptions – both internally and by their 3rd party application security assessment partner – and decided to fully integrate Ubiq into their production application.
By design, application-layer encryption encrypts data within the application, rather than at the database/storage levels, which means cloud and database administrators could no longer access cleartext client login information when accessing the database. First use case… check!
Ubiq also allowed them to designate specific encryption keys per customer or customer dataset, which provided them the ability to encrypt each customer’s data with their own unique encryption keys and hand control of the key over to the client. It essentially provides clients with a kill-switch, so they can cut off Retail Data Partners’ access to their data at any time. This provides clients with not only confidence in Retail Data Partners’ security, but peace of mind knowing they are in control of their data. Second use case… check!
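As an added illustration (not Ubiq’s API and not Retail Data Partners’ code), the Go sketch below shows the two properties both use cases rely on: fields are sealed in the application tier with a per-customer AES-256-GCM key, so the database only ever holds ciphertext, and withdrawing that key acts as the customer’s kill-switch. The in-process key map stands in for a customer-controlled key service, and the names TenantKeys, Install, Revoke, Encrypt and Decrypt are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// ErrNoKey means the tenant's key was never installed or has been revoked.
var ErrNoKey = errors.New("tenant key unavailable: revoked or never installed")

// TenantKeys is a hypothetical in-process stand-in for a customer-controlled key
// service; the database stores only the ciphertext Encrypt returns, never a key.
type TenantKeys map[string]cipher.AEAD
// Install registers a tenant-supplied 32-byte AES key for use as AES-256-GCM.
// The customer keeps the original and can withdraw it at any time via Revoke.
func (t TenantKeys) Install(tenant string, key []byte) error {
	block, err := aes.NewCipher(key)
	if err != nil {
		return err
	}
	t[tenant], err = cipher.NewGCM(block)
	return err
}
// Revoke is the kill switch: with the key gone, rows sealed under it are unreadable
// to the application, its admins, and anyone who breaches the database.
func (t TenantKeys) Revoke(tenant string) { delete(t, tenant) }
// Encrypt seals one field; the result (nonce||ciphertext||tag) is the column value.
// The tenant id is bound as associated data, so a row copied between tenants
// cannot be opened under the other tenant's key.
func (t TenantKeys) Encrypt(tenant string, plaintext []byte) ([]byte, error) {
	g, ok := t[tenant]
	if !ok {
		return nil, ErrNoKey
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, []byte(tenant)), nil
}
// Decrypt reverses Encrypt; it fails if the key was revoked or the row was altered.
func (t TenantKeys) Decrypt(tenant string, stored []byte) ([]byte, error) {
	g, ok := t[tenant]
	if !ok {
		return nil, ErrNoKey
	}
	if n := g.NonceSize(); len(stored) >= n {
		return g.Open(nil, stored[:n], stored[n:], []byte(tenant))
	}
	return nil, errors.New("stored value shorter than nonce")
}
```

A database or cloud admin reading the column sees only nonce, ciphertext and tag; after Revoke the application itself gets ErrNoKey for that tenant’s rows.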
Best of all, the integration of Ubiq’s software was seamless and took less than half a day of a senior developer’s time to fully integrate.
This enabled Retail Data Partners to strengthen their data security practices, provide their customers the ability to control their own encryption keys, and minimize the ongoing effort and maintenance of their encryption tooling.
“Ubiq enabled us to address several long-term security gaps, deliver on a key customer requirement, increasing their trust in our services, and save developer time and cost on maintaining a homegrown solution.”
Bobby P, Co-founder and CEO