When it comes to designing a system or process to safely transfer confidential data, it is wise to reduce the number of links in the chain. Each link is potentially vulnerable and needs to be mitigated or resolved – but it is those systems that require human input or control, that require the most attention
For example, however robust your company’s technologies and processes are, the more it features links reliant on human input, the more weak links will be inherent in that system.
The weaknesses of humans in the security chain are well known, and malicious intent is often not the motive. Tiredness, corner cutting, prioritizing output quantity over process, not concentrating with routine tasks, we’ve all been there…..and that’s before we introduce bad actors who will try and deceive us one way or another.
But perhaps the less publicised weakness of humans in a security system is our tendency to trust other humans. We’ll likely trust someone until we are proven wrong (when its too late), and we try to be helpful rather than sceptical, especially those endorsed by authority or institution.
That being said, the fact remains that a system reliant on human trust is inherently vulnerable, and some systems are more reliant on human trust than others.
So, what’s the solution? Well, the ideal system is one where there are just two humans involved – the sender and the recipient. This ideal system will ensure that nobody else can intervene to read the data. This system will be able to verify that the recipient has indeed received the received the data.
The good news is that such a system does exist:
The Dataguard ePay solution!
There are many ways in which Dataguard can help – for example ;
- Dataguard ePay manages the data digitally and in encrypted form.
- The encryption is to a standard endorsed by the NSA
- The encryption keys are generated by the sender on the sender’s device – nobody else has access to the keys except sender and recipient
- The encrypted data and the encryption keys are only brought together on the sender and recipients’ devices – they never sit together on a server or in the cloud.
- The data in transit is, in practice, unreadable.
- The sender will receive notification of receipt from the recipient’s device.
- The encryption keys are generated and managed by memory or password construction.
- The devices and not subject to the fallibilities of human
- Minimum humans, maximum-strength links.
This system is provided by Dataguard and the technology platform they utilise underpins three products – secure email, secure storage and secure payslips.It is characterized by the strength of each and every link in its security chain, and the elimination of the possibility of human intervention. It relies on the highest strength processes and technology.
Take out the weak human links in your secure data transfer. Rely on processes, not trust.