What does it look like when you secure a file with Safe-T? We talk a lot about creating granular access controls and integrating with your existing security structure, but it may just be easier to put the whole journey in context. Starting with an email and an attachment, here’s how Safe-T’s Secure Data Exchange solution takes care of a file – and its accompanying text – in order to keep it safe, auditable, and easy to use.
It Starts with Secure Mail
One of the biggest pitfalls of secure email is that the most well-known form of email encryption – PGP – has several limitations (we’ve talked about this a lot). You can’t use it if the person you’re emailing with doesn’t have it, and it doesn’t really support attachments. SDE, on the other hand, uses a clientless application that supports encryption even when the recipient isn’t using an encrypted solution.
For example, it’s possible to send someone an encrypted email and attachment that don’t decrypt until the recipient enters a one-time password. Once downloaded, the sender can limit how many times the recipient opens the email, prevent the recipient from forwarding the email, or even put the recipient in “view only” mode, where they can read the attachment but not download it.
Lastly, we can ensure that any reply back to a sender with Safe-T is also secure, even if the recipient isn’t using PGP or similar. (Which will be most of the time – one security professional says that he receives roughly two PGP-encrypted emails per year.) Emails sent with SDE can include a “Safe-Reply” button. When the recipient clicks this button, they’re taken to a secure webmail client where they can reply to you with encrypted message and attachments.
Step Two: Safe Spaces
When you receive an important email attachment, you’ll most likely want to share it with members of your team – which means placing it in a shared drive. At the same time, you’ll also want to make sure that people can’t move this information out of the shared drive, copy it, or delete it without you knowing. You also may want to share this information with some people, but not others.
SDE makes adding access controls to a shared drive easier than ever. By simply accessing a folder, the user gets a Safe-Space and can then upload/copy files into it, the administrator can provide or rescind access to team members, and assign read, write, and edit permissions. It’s a great way to make sure that your team uses the information it collects responsibly.
Step Three: Antivirus Integration
The tricky part with any folder that accepts data from outside the network is that the files inside it might have malware. The average user receives emails containing malware about 16 times a month, so in a large organization that equates to a constant stream of malware that could potentially make its way into your shared drives. Even if there’s no malware involved, the data in those drives is sensitive – you don’t want it to leave your network.
The answer to this dilemma is to integrate the safe space into your existing security workflow. SDE connects to antivirus software using a simple API, and you can use its built-in task scheduler to have the AV application scan the folder as often as you need – once an hour, once a day, once a minute, or every time a new file gets added.
In addition, you can use SDE to integrate your safe space with DLP. You can set SDE to upload the contents of your safe space to your DLP solution on a regular schedule, allowing your DLP to intercept every copy of that data that might leave your network.
Step Four: Logs and Reporting
Trust, but verify. Not only do you want to know that your solution is working, your auditors – the authorities enforcing HIPAA, PCI-DSS, and the GDPR – want to know that you’ve been doing the right thing. SDE constantly creates an audit trail that verifies the integrity of your solution for both administrators and regulators. You can even set it to alert on certain events, such as malware discovery or attempted file deletion, so you can intervene in the event of a security breach.
Step Five: Management
It’s hard to adopt a security solution that’s difficult to use. Although SDE is powerful, we’ve taken steps to make it very simple. An intuitive web interface or Windows management interface makes it possible to set permissions for an entire organization with just a few actions, meaning that you can go from zero to secure faster than you thought was possible.
At Safe-T, we strive to make sure that our solutions are both powerful and easy to use, but none of our descriptions can replicate the experience of using SDE. Why not try a free demo instead? Contact us and we’ll get you started with SDE today.
*** This is a Security Bloggers Network syndicated blog from Safe-T Blog authored by Amir Mizhar. Read the original post at: https://blog.safe-t.com/creating-secure-data-workflow-with-sde