Eliminate Customer Data Leaks Without Limiting Operations
Secure Customer and PII Information with Redaction and Obfuscation
Controls to prevent data leakage and unauthorized access are critical for every printer working with Personally Identifiable Information (PII) and other sensitive data. While protecting customer data in transactional and direct marketing environments is paramount, print providers must also balance operational needs that require sharing documents with other internal departments and external partners for customer support, technical troubleshooting, and daily business requirements.
Solimar Systems’ redaction and obfuscation features are easy to implement and embed into automated workflow processes, so it becomes a standard option in your operations. Using these techniques to remove, obscure, or transform data so that it protects PII helps streamline business operations and minimizes issues with current and upcoming security legislation and audits. These technologies are an integral part of a multi-pronged data security and access strategy that should also include Zero-Trust Testing Environments.
Obfuscation
Obfuscation is a software rendering technique to obscure or make content unreadable by the human eye. It is useful to still view relative positioning of the content within the overall design. Solimar offers AFP-based obfuscation in Solimar® Print Director™ Enterprise (SPDE). Obfuscation is most commonly used in PDF files with ReadyPDF® Prepress Server.
Redaction
Redaction is object-level removal or hiding of specific design elements, such as the numbers of a credit card. Solimar offers sophisticated redaction capabilities using SOLindexer™ and Rubika®.
What is Obfuscation?
Obfuscation, per the Oxford dictionary, is making something obscure, unclear or unintelligible. In the context of printed communications containing sensitive information, it means making the information unreadable and unintelligible for the recipient. Intended recipients can use the documents for business purposes, while unintended recipients, like those from data breaches, do not gain any leverageable information.
Solimar obfuscation features work on several levels to create an optimized and PII-secure document. Settings control what elements of the PDF document should be discarded. Users can control items that typically add bloat to the file structure without any benefit to the recipient, like attachments, JavaScript actions, and hidden content layers. Images and paths can also be discarded, if necessary. Next, options are set for how numbers and certain words are whitelisted to remain unchanged after the obfuscation process. Whitelisting these elements allows the recipient to understand the document structure, such as page numbers or section headings, but not any PII elements.
What is Redaction?
Redaction edits text to hide or remove confidential or sensitive information. With Solimar redaction tools, the file is first indexed to understand and identify the relevant document structure and elements. Decisions and rules for specific elements can be created with Solimar tools to define how those items should be redacted or modified.
There are many ways to redact information. The text can be replaced randomly, with specific characters, or covered with an opaque rectangle, like using a permanent marker on a printed document. For advanced needs, regular expressions can be created as rules to find and modify specific characters based on a pattern match within the file.
Obfuscation & Redaction Use Cases
Obfuscation and redaction fulfill the requirement to limit information beyond the primary owner of the PII. Below are six use cases where files must be shared or used for business operations while restricting access to sensitive customer data:
1. Sharing Within the Print Service Provider
Supporting customers is a cross-departmental effort. Customer support representatives need access to customer files to respond to inquiries. Creative and document composition teams need to confirm the design and positioning of elements after the data merge. Most internal staff should only be able to access PII-restricted files to ensure operations run smoothly, so redaction and obfuscation can be a standard, automated practice.
2. Sharing Within the Customer Operations
Similarly, customers may need to use documents throughout their organization to support their clients. Marketing and compliance teams, for example, need to validate any document redesign before implementing regulatory changes. These tools are essential because many stakeholders are involved in testing and validation when adding personalized offers to transaction documents.
3. Sharing With Third-Party Vendors
Print service providers increasingly outsource custom development and programming based on talent or cost decisions. In some cases, development teams are handed datasets with minimum and maximum testing values, but in others, it helps to use a live data set. Obfuscating or redacting PII is a safe, best practice for sharing files to expedite development while minimizing risk.
4. Digital Delivery and e-Presentment
Consumers want the flexibility of accessing their transactional statements and notifications on their own terms, whether in print, digital, or both. Digital channels present higher risks for interception and misuse, which can be mitigated by removing PII.
5. Proofing and Approval by the Client
The accuracy of customer data is as important as the security and use of that data. When there are client-facing dashboards for proofing and approval, these files and documents should be modified to restrict PII, like account numbers and address information.
6. Managing Data Archives
With archiving and e-presentment services, the amount of data stored and managed is continuously increasing. There may also be customer-provided data hiding in IT, customer support, document composition, and other departments initially used to assist the customer but never discarded. Data at rest presents additional security risks, but they can be minimized if a redaction or obfuscation process is embedded into your overall workflow.
Redaction and obfuscation techniques aim to reduce the friction to your operations that security protocols and procedures dictate. Creating PII-restricted data whenever possible minimizes the security and operational risks to your operation, your customers, and their clients without burdening your existing workflows or staff. It is the smart move to make for your data-driven business.
Ready to discuss your needs and questions? Let’s have a chat!Ping us at SOLichat@solimarsystems.com
For more information, call the Solimar Sales Team at +1.619.849.2800.