Security & Compliance Q&A with Airkit Co-Founder & CTO Adam Evans

Adam Evans is one of the co-founders of Airkit and it’s CTO. Adam previously was an Entrepreneur in Residence at Morganthaler and co-founded RelateIQ which was purchased by Salesforce.  He leads Airkit’s engineering and product team with a unique blend of technical know-how, business savvy, and a strong product vision.  

Airkit recently released  Airkit Studio version 18.3 – what’s significant about this release?

The promise of low code for enterprises in regulated industries is to streamline their software deployment process. Slow dev cycles are impeding innovation in how these companies engage with their customers – specifically around form completion/submission as well as direct and indirect engagement (voice, messaging, web, etc). 

Airkit focuses on solving several of these problems, from making integrations to data sources easier, to simplifying the AppDev process, and simplifying security and compliance for highly regulated industries. 

Our most recent release, Airkit Studio 18.3, focuses on a few of those with new features and enhancements. Highlights include: 

• Data Masking – Easily designate sensitive app data during build and allow tracking via access log/audits and masking depending on who is trying to access 
• Multi Environment Publishing – new publishing flow that allows applications to be deployed to multiple environments at once and enforces process and policy adherence in each of those environments
• New Application Creation Flow –  We want to make it incredibly easy to create a new Airkit application! In v18.3, we reimagined the initial application creation flow to reduce the number of clicks it takes to start building.

Data Masking sounds very interesting and important – can you explain that a little deeper?

For companies operating in these highly regulated industries, how they treat the sensitive data they acquire and process is critical. This new capability – Data Masking – the ability to easily designate sensitive app data (PII, PCI DSS, HIPAA) during application build – is a key capability for development teams working in these regulated industries. Tagging and categorizing information as sensitive prevents it from being seen by developers with insufficient permissions, prevents it from being downloaded insecurely, and allows it to be tracked and audited in production. This capability allows the developer to easily comply with data protection regulations like PCI-DSS. This is a powerful addition to Airkit Studio feature set unmatched by other low code application platforms. 

Generally speaking, security seems to be a theme with this release, is that right? How is Airkit secure?

Again, highly regulated industries like financial services, health care, and insurance have to meet the high standards of many security, privacy and compliance requirements in their industries established to protect consumer data and information.

Security and Compliance is rooted in everything that Airkit does. Our platform is designed with these complex, highly regulated industries in mind; customers’ expectations for security, privacy, and compliance guide everything we do. Airkit enables organizations to build secure self service customer engagement applications very quickly with our secure low code application platform. This breaks down in four distinct areas:

1. Build Secure Customer Engagements/Apps – our platform enables you to build your apps securely from the start. For example, our latest release (18.3) introduces Data Masking which allows developers to easily designate sensitive app data (PII, PCI, HIPAA) during application build – a key capability for regulated industries. Tagging and categorizing information as sensitive prevents it from being seen by developers with insufficient permissions, prevents it from being downloaded insecurely, and allows it to be tracked and audited in production. 
2. Administrative Controls with firm guard rails – the ability to provide permissions depending on an individual’s role in the organization (Role Based Access Control) is expected in practically all enterprise platforms and has been in Airkit Studio for years. Strengthening that capability is a new application publishing flow that allows applications to be deployed to multiple environments in an organization at once and enforce process and policy adherence specific to each of those environments.
3. Enterprise grade, secure low code application platform – the platform itself, Airkit Studio, has been designed for enterprises and the platform’s stability and security meet the needs of the most demanding enterprise organizations. Things like at-rest and in-transit data encryption, hourly data back ups with authentication-protected storage, SSO/SAML authentication, multiple data residency realms and BYO encryption keys are just some of the attributes enterprises require. 
4. Designed with highly regulated industries in mind (Compliance Certifications) – Highly regulated industries like financial services, health care and insurance have to meet high standards dictated by industry regulations. Regulatory compliance is rooted in everything that Airkit does. Our platform is designed with these complex, highly regulated industries in mind – certified compliance with PII, PCI DSS, SOC2, GDPR, and HIPAA are all completed and maintained. 

Learn more at www.airkit.com or start building for free on Airkit Studio.