GDPR and HIPPA Compliance become simple, ridiculously simple,
and saving millions of dollars
Just how simple UDS can be to stay compliant? A few clicks simple
and no extra cost. The secret lies on the fundamental design that manages the
unstructured data as asset. The data contains PHI covered by HIPPA or consumer
information covered by GDPR is being tagged, categorized, protected and tracked
by UDS from the moment it was created, so the information can only be accessed
by the authorized user. It is a few click away to generate audit report with complete
access history to all the covered data, and it cover all the copies of the same
data. When the data reached to the end of life, UDS ensures that access to all
the copies are being removed, and only UDS can guarantee that. Even when any of
the copy are being stolen, you are still compliant since the data is encrypted
with random keys, not password.
Read more about how UDS helps stay compliant through managing and protecting the unstructured data.
Phishing has emerged being one of the most common thread to cyber security for everyone from individuals to companies to political organizations to government all over the world, simple because it is simple, cheap and effective. It
is effective because it targets humans and human makes mistakes sooner or later. There is no way to stop phishing from happening as long as it is effective, so the only way to stop it is to make it useless, with Unstructured Data
UDS won’t stop the phishing email from coming to you inbox, it won’t stopped you from clicking on the link, and it won’t stop the malware from being installed on your computer after you click the. Once getting on the host computer, the malware will try to steal data and access credential to the next target on your computer.
UDS can, however, make the data useless to the hackers, because they are encrypted with ASE 256 bit random key. Without authorization, no one can access to the contents of the data on your computer, including the hackers. UDS client app is GUI driven so malware can’t decrypted UDS protected files without being noticed. Not being able to scan the content of the data, malware will has no way of knowing what to steal, let along finding access credential to other servers. If malware can’t get access information to the servers, it simple can’t do any damage to those servers either. That is how UDS stop phishing.
Phishing is just like virus that cause infectious diseases like the Measles. When modern medicine can’t stop the spread of the virus, it invented the next best thing, vaccine, to create host immunity, which stops the damage the virus may cause to the body and its ability to spread to others. That is what UDS is doing to phishing, by create immunity through strong protection to the data lose therefore stop the malware from accessing to other secured data servers, when access credentials to those servers become inaccessible.
Just like virus, phishing won’t go away easily. It will infect any devices it can get to. The recent Measles outbreak in this country is a perfect demonstration of how persistent the thread can be. To eradicate the phishing requires long and persistent effort, and most importantly, from everyone. The herd immunity is the only way to get rid of phishing. When everyone and every device in the organization becomes immune to phishing, and only then it will stop the damage.
Unfortunately, phishing is not the only thread to data breach and stop phishing will only lead the way to other means. As long as we are human and we make mistakes, there will be ways for hacker to get onto our computers and try to extract information from it. But that doesn’t mean we have to be vulnerable, UDS is designed to build a strong immunity to hacking so those effort will not pay off, and this will be true as long as all the data on all the devices are being protected. Herd immunity is the best way to protect the entire environment. After all, we are as strong as the weakest link.
The average organization today has 20% of data stored in the highly guarded databases, and 80% of the data stored everywhere from highly secured servers to cloud to personal computer as well as mobile devices. The data stored in the
database are structured data and access to it are being protected in anyways possible, not only because the value of the data, but also for the
fact that protection for those are well established. However, the heightened protection didn’t seems to stop the breach and data loss. When the breach happens, organizations suffers loss in both reputation and monetary value, as well as regulatory fines.
Most time when breach happens, the hacker obtained access credential to the database and steal the data through seemly legit means. It is becomes extremely difficult to identify and prevent such intrusion become the system just can’t differential the true legit access from fraudulent ones when the same credential is presented.
Hackers often obtain credential through 2 means: internal source and hacking including phishing, both of which can be reduced or eliminated by protecting the unstructured data, the 80% of the data that are mostly not protected.
Among the unstructured data, some files used by automation may include access credential to the database so they can run unattended, and people may has files that contains access credential in their working computer to speed up the access. Some hardened access including Cloud services requires to use key files, and those files are often stay unprotected. Once the computer is compromised, those files can easily allow hackers to hop onto those servers and steal the data without leaving a trace.
Security can only be as strong as its weakest link. If the unstructured data is exposed, every other security measure is compromised. Every single data security expert would recommend to secure all the data in the environment instead of structured data only. Unstructured Data Shield is designed to protect the 80% of the unstructured data so the 20% of the structured data can stay protected.
UDS is designed to manage and protect the vast amount of unstructured data that comes in many formats and in any devices. UDS
1. Classify the data based on the content and usage so proper access control applies
2. Protect the file with AES 256 bit random key, not password
3. Store the key on the cloud server, separated from prorated file
4. Enrich the data with extra meta data
5. Centralized access policy determine access right in real time based on data class and business roles
6. Multiple administrative roles gives business the ability to adjust access as business need may change
7. Same access roles applies to all copies of the data, no matter where it is and who uses it.
8. Eliminate the IT personal access to the content but still allow them to manage the data
9. UDS and its team do not have access to the data or the content of the data, it only manage the access of the content of the
data based on the policy set by the organization
UDS completes the protection of the entire data for the organization. It just turned the weakest link in the security realm into one of the best protected area. By protecting every data and preventing access credential from being stolen, internally or externally, it turns the entire organization into a fortified castle, not just the structured data in an isolated island.
Data are shared very day by everyone, pictures and videos, on Facebook or Instagram, or simple through email, even a USB driver. But when it comes to the data that contains sensitive information, the data exchange become a security
issue. No one, rightfully, trust Internet and they should not. Email means the document will stay on with the providers forever. USB is never a good idea since it can get lost easily. The best approach nowadays is website. You
can sign a document using website,or send your social security card copy through secured email which essentially is to upload to website and hope for the best. After document reaches to its intended audience, it is normally expose
with no protection. The same situation would happens among businesses. Some has Virtual Private Network (VPN) connection between each other if the volume warrants, but even for those business, as soon the data leaves, the business
completely lost control and can hope the other side will handle with care. Occasionally, mistake happens and the document contains one client’s private information being sent to a different one, which would result in the damage
to the reputation as well as monetary compensation.
Unstructured Data Shied provide powerful protection to the documents, similar to that of VPN, is capable of protected the content of the document while it is traveling through the Internet. UDS custom can take advantage of this persistent protection and make it a virtual private document delivery system that secures the document well beyond the point to point protection
provided by VPN.
UDS provide a mechanism to allow inter domain document sharing. With this feature, each business can configure their UDS to define which business can have access to some of its files and which employees can access some of the documents from outside businesses. When business A decided it can let insurance department employee to access documents from its insurance broker B, and broker B allow its insurance documents for A to be accessed by A, the insurance documents for business A generated by B can then be shared by B’s sale team through normal email to A’s insurance department employee. UDS protects the content of those documents during that transit, and persists after it arrives at business A. UDS ensures that only the employee at A’s insurance department to be allows to open the documents.
UDS’s protection extends when the mistake were made. In above example. If the documents prepared for business A were mistakenly sent to business C, it would cause breach of privacy for business A and a liability the broker B has to remedy, not something a VPN could protect. UDS, on the hand, are designed to avoid problems in the situation like this. Since those documents are designated to be accessed by business A only, UDS would deny any access attempt by anyone in the business C.
In short, UDS’s inter domain access created a virtual system in which the documents are guaranteed to be delivered to the intended party securely using only unsecure network connection.