Introduction

UserClouds’s core feature is an API layer for data protection. This layer sits above the UserClouds User Store, as well as select on-premise data stores, mediating access and enforcing best practices in data protection.

Sensitive user data, such as PII, can be stored alongside granular user consents within the boundary created by the safety layer. Raw data is ideally rarely or never stored outside of the boundary. When applications outside of the boundary need raw data to complete a task, they hold the data for the minimum time frame required to complete it. Where data does need to be stored outside the boundary (e.g. for offline analysis), it is passed and stored in a tokenized or masked format wherever possible.

The safety layer consists of use-case-specific APIs, or "accessors", that:

  • Enforce access policy, including fine-grained access control, best practices in data security and local privacy regulations
  • Minimize data for the given use case
  • Log data access

For example, one data accessor may enforce best practices like:

  • Rate limiting: to reduce account takeover risk, employees may only access data at a human rate
  • Data residency: only allow data access in the target user’s home region
  • Role/permission checks: only allow access by users with role x / permission y
  • IP checks: only allow access on the company VPN
  • Consent checks: only allow access if the user has consented to the specified purpose
  • Data minimization or masking: inject noise, categorize the data or mask all but the last 4 digits of an SSN
  • Data tokenization: replace data with a secure, but resolvable, reference token
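As an added illustration (not UserClouds code), here is a minimal accessor that composes the checks listed above for one use case, returning a masked SSN only when every policy passes and writing every decision, allowed or denied, to an audit log. The store layout, the VPN address prefix, the role name and the rate-limit parameters are assumptions for the example.

```python
import time
from collections import defaultdict, deque

# Constructed sample data: raw PII and per-user consents held inside the safety layer.
USER_STORE = {
    "u1": {"ssn": "123-45-6789", "region": "us", "consents": {"fraud_review"}},
    "u2": {"ssn": "987-65-4321", "region": "eu", "consents": set()},
}
VPN_PREFIX = "10.8."          # assumed address prefix of the company VPN
AUDIT_LOG = []                # every decision, allowed or denied, is recorded here
_recent = defaultdict(deque)  # caller id -> timestamps of recent access attempts


class AccessDenied(Exception):
    pass


def mask_ssn(ssn):
    """Data minimization: reveal only the last 4 digits of the SSN."""
    return "***-**-" + ssn.replace("-", "")[-4:]


def check_rate(caller_id, now, limit=5, window=60):
    """Rate limit: at most `limit` attempts per `window` seconds (a human rate)."""
    hits = _recent[caller_id]
    while hits and now - hits[0] >= window:
        hits.popleft()
    if len(hits) >= limit:
        return False
    hits.append(now)
    return True


def ssn_last4_accessor(caller, user_id, purpose, now=None):
    """Accessor for one use case: masked SSN for a consented purpose, else AccessDenied."""
    now = time.time() if now is None else now
    user = USER_STORE[user_id]
    checks = [  # all checks run so the audit entry lists every failed policy
        ("role", caller["role"] == "fraud_analyst"),
        ("ip", caller["ip"].startswith(VPN_PREFIX)),
        ("residency", caller["region"] == user["region"]),
        ("consent", purpose in user["consents"]),
        ("rate", check_rate(caller["id"], now)),  # denied attempts count too
    ]
    failed = [name for name, ok in checks if not ok]
    AUDIT_LOG.append({"caller": caller["id"], "user": user_id, "purpose": purpose,
                      "allowed": not failed, "failed": failed, "at": now})
    if failed:
        raise AccessDenied("denied: " + ", ".join(failed))
    return mask_ssn(user["ssn"])
```

Because the raw SSN never leaves the accessor, a caller outside the boundary only ever sees the minimized value, and the audit log doubles as the record of purpose for each access.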

This simplifies and improves compliance by ensuring that the necessary data protection practices are reliably and programmatically enforced at an unavoidable point on the data access path. It greatly reduces the need for custom, privacy-related code across systems and languages, improving:

  • Engineering Velocity: Since privacy and access-related code is centralized, maintenance and update costs are minimized and can be performed by a single team. The goal is to minimize the engineering resources wasted on maintaining distributed glue code, manual clean-up work and human approval flows - so that engineering teams can focus on the mission.
  • Data Security: Data sprawl is minimized and data access can easily be turned off in case of a breach. Security-related code is much more easily audited, so it is easier to identify flaws in the logic. An audit log of data access (and the purpose for access) is maintained automatically.
  • Privacy Posture: UserClouds is designed to make adhering to privacy regulations like CCPA and GDPR as simple as possible. Data misuse is minimized, data residency adherence is simplified and data subject requests are served trivially.