4 Key Strategies for Data Security
In this SolimarSecret video, we discuss data security, highlighting four key strategies to protect sensitive data:
1. Redaction:
To protect sensitive data, the best approach is to remove it whenever possible. Solimar’s software offers a redaction feature that permanently removes sensitive information from documents, optionally replacing it with characters like ‘x’ or ‘0’. The more sensitive data is removed, the lower the risk of unauthorized access.
2. Data Obfuscation:
When sharing data with vendors is necessary for testing or troubleshooting, Solimar’s software can intelligently replace sensitive data with random characters. Users control which words to skip, and numbers are replaced with random equivalents, ensuring data formatting remains intact while sensitive information is concealed.
3. Data Retention Control:
Solimar products offer configurable options for retaining job-related data. It is essential to be intentional about data retention, ensuring that sensitive data only linger briefly. Setting dynamic deletion dates of data and documents significantly reduces the risk of data breaches.
4. Encryption & Decryption:
Solimar employs encryption and decryption to protect data at rest and in transit. Data at rest, such as files stored on servers or printers, can be encrypted using PDF encryption, making it extremely difficult for unauthorized users to access the data. Solimar keeps pace with evolving encryption standards to stay ahead of potential threats. Solimar utilizes encryption methods for data in transit, like COM Packet Privacy, IPSec, and HTTPS with SSL Certificates. Even the transfer of output to printers is considered, with support for encrypted print streams when needed.
We can emphasize the importance of being proactive in managing data security and suggest considering the legal retention periods for financial records to delete outdated documents, thus reducing risk safely.
Furthermore, we would like to highlight that Solimar’s InfoSec White Paper provides a comprehensive resource for understanding these strategies and other aspects of data security. This paper is accessible through SUO (Solimar University Online) and can be obtained from Solimar’s support or sales representatives.
In conclusion, Solimar Systems offers a multifaceted approach to data security, including redaction, obfuscation, data retention control, and encryption. It enables organizations to protect their sensitive data effectively and reduce the risk of unauthorized access or data breaches.
Solimar software processes millions of highly-confidential documents every day. Our software operates in some of the most locked down environments on our planet. Data security is not a product or even a feature of products, rather, it is the process of protecting sensitive data and preventing data loss through unauthorized access. Today, we’re going to discuss four ways Solimar can help you keep your data safe.
The best way to protect sensitive data is to remove it when possible. Not all personal information can be removed, but where possible, this is an excellent approach. Redaction doesn’t mask data in the documents, it removes it from the documents permanently. Optionally replacing it with things like Xs or zeroes. The more sensitive information you can remove, the less is at risk.
When working with software or hardware vendors, there are times when you need to provide output for testing or troubleshooting, but you can’t because it contains sensitive data. Solimar has the ability to obfuscate this data by smartly replacing it with random characters. You have control over certain words you want to skip, and the numbers are also replaced with random numbers to ensure that tables and other data maintain their basic format. This method makes it possible to see text and formatting, but can completely remove sensitive information.
Solimar products have configurable options for obtaining job related data. Use them to ensure that live data isn’t hanging around unless it is absolutely needed. Be intentional about data retention. Get rid of sensitive data as quickly as you can. A major part of records management is determining retention periods. Most financial records have a legal retention period. Once this period has passed, documents can and should be safely deleted. In SOLsearcher Enterprise, there are flexible options for controlling retention. Careful control here both recovers disk space and mitigates risk. If you can’t remove data, another great way to protect it is by encryption. Today, we’ll discuss two encryption approaches.
Encryption of data at rest is where you encrypt files that are stored on your production servers, printers, you encrypt your database and basically everywhere in your environment where files are being stored. Encryption in-flight is the encryption of files as they are transported between machines and devices so that they can be protected from applications that would sniff those data packets.
Solimar has several ways to encrypt data at rest. When creating PDF files, you can use PDF encryption, which requires users to key in a password to control what users can do with the PDF content. Once encrypted, PDF files are almost impossible to break. Encryption methods supported by PDF continue to advance and evolve in a constant arms race with hackers looking to break them/ As new encryption methods are incorporated into this PDF standard, Solimar will add support for them.
SSE can be secured using many encryption options for data at rest, including database encryption for index information, as well as various disk encryption options for documents themselves, including encrypted file system or EFS, BitLocker and transport data encryption or TDE. Encrypting data in-flight entails encrypting the data before transmission, authenticating the endpoint and decrypting, and verifying the data upon arrival. SSE achieves this using COM packet privacy, IPSEC and HTTPS with SSL certificates.
One area of in-flight encryption not usually considered is the transfer of output to the printer. Many times, these systems live inside very controlled network security environments, but many times they don’t. For printers that can support encrypted IPP, SPDE and SOLitrack can spool encrypted print streams directly to the printer, providing in-flight encryption all the way to the printer. The information contained here and much more is available in our INFOSEC White Paper. This paper is available on SUO and you can also ask support or your sales rep for a copy.
