5 Essentials to Implement ARCON | My Vault

The Context

The security and confidentiality of business information not just depends on who all have access to that information, but also – 

• How do organizations store business-critical information?
• Where do organizations store this information?
• With whom are employees sharing the information?

There was a time when organizations used to manage a huge pile of hard copies consisting of confidential information in secret drawers or iron lockers. To maintain confidentiality, these drawers used to remain locked always with keys kept in some fixed places with the knowledge of very limited people. 

Nevertheless, amid the increased pace of digitalization, that’s not feasible anymore. Business data is generated in huge volumes and scattered across the functional teams that manage the data. 

Indeed, usage of physical data has dropped drastically, and digital data (usage of soft copies) has skyrocketed. However, there have been loopholes with the practice of maintaining confidentiality, and thus, data security and data privacy concerns have increased. IT incidents such as data breaches, cyber espionage and data abuse/ misuse are rampant because of lack of adequate attention towards information security.

Today, there is an enormous amount of critical data and business secrets generated every day and organizations require a secure repository to store all such information. To address a growing number of use cases that can compromise critical business information, ARCON has developed My Vault to protect important files, folders, drives, secrets, keys, certificates etc.  

Use Case 1: Shared Information

Let us think of a situation where any user shares some confidential information with some other user and the recipient reshares the information with someone else. In a large IT environment, where huge volumes (in TBs) of data are generated (or transferred) every day, it is never possible for the IT administrators and the risk management team to monitor which file is accessed and shared.

Users either share files/ folders through email attachments or by sharing drives of the folders. They allow permissions to view the files, download the files or sometimes even edit the files as per requirements. Situations worsen if the receivers share those files again with someone else in the organization or anyone outside the organization.

This way, within a span of few days, there could be a possibility that the information gets shared randomly among multiple people both internally and with third parties. Some could save it in their drives, some could save in the USBs, some could even take a print of it. Eventually, the information no longer remains “confidential”, and the data privacy is misused.

ARCON’s My Vault offers a centralized repository to store, access and share critical business secrets in a secure manner. The files where this information is stored remain encrypted and can be deleted easily after a preset time to avoid any unauthorized access. It also controls the end-users’ activities based on the pre-configured permissions even at a granular level. ARCON My Vault can give certain privileges with regards to download, share, transfer of files/folders or access permissions that minimizes risks of data misuse.

Use Case 2: Packages

It is not just always files/ folders that require sharing, but also business secrets, keys, certificates or even new build of software are shared internally with multiple users to sync with the new patches. The users face challenges in maintaining security during such transfers. Any file/ folder, secrets, certificates or keys once shared with anyone in the organization, could be downloaded unlimited times, which is again a risky affair. Even if it is done in a secure enterprise network, we can confirm that downloaded files bear more risks of misuse compared to that of “read-only” or “view-only” files.

With ARCON My Vault packages, users can upload the files/ folders, secrets, keys, certificates or patches on My Vault and share those in an encrypted format with the recipients. My Vault implements restrictions also in the number of downloads to all these shared data. E.g., if the recipient downloads the file once after receiving it, he or she won’t be allowed any further downloads in the near future, unless the sender re-shares it. In addition, with the help of My Vault packages, the sender can apply a rule where the recipient will be restricted from sharing the file with anyone else without the permission of the sender.

Use Case 3: Downtime ARCON Password Envelope Management (APEM) Tool

Robust data backup mechanism is a crucial component of data storage. It has been witnessed quite frequently among organizations that inspite of vaulting their business secrets in an encrypted manner, they lack any convenient mechanism to have a data backup. What could happen if there is any unprecedented incident (majorly downtime) with the vault or storage system? The organization could be at grave risk of losing their information assets. 

ARCON Password Envelope Management (APEM) is a robust data backup mechanism tool that does not allow any stored information to be misused even if ARCON My Vault stops working. While analyzing and sharing confidential data assets and business secrets with My Vault, organizations can opt for APEM tool. During unexpected scenarios when My Vault is not working, then also the IT administrator can ensure that every data in the storage remains encrypted. The administrator can select a certain number of users through whom all the files are emailed in their inboxes in an encrypted manner. For further assurance of data security, those data files can be decrypted only through APEM tool after permission from the IT administrator. This eventually keeps every file and folder safe till My Vault services resume.

Use Case 4: Reports

If IT administrators do not have any record of the amount of data flow happening in an enterprise network, it could be catastrophic because they won’t be able to track who has accessed what data at what time and for what purpose. It could be risky from audit perspective as well because most of the regulatory compliances demand adequate safeguards to monitor data.

ARCON My Vault’s automated reporting tool keeps track of all the vault operations date-wise, timewise and user-wise. It highlights each action in the form of reports whether it is access or sharing of confidential files/ folders, keys, certificates etc. done by individual users in the enterprise network.

Use Case 5: Secure Data Sharing in Different Domain

In different departments of business development, it is a widespread practice to share business brochures, proposals or other Confidentials with their clients, prospects, and partners. Occasionally, the email domain restricts file sharing with different domains for security reasons. At this point, even if we remove the restriction and share the file, we still cannot be assured whether the file shared will not be re-shared with any other third-party user or how many times it is going to be downloaded.

After implementing ARCON My Vault, organizations can ensure secure and restrictive file sharing even with different email domains. Once the file is shared from My Vault, the users can put restrictions on –

• How many times can the receiver download the file?
• For how many days can the receiver find the file in his email inbox?
• Whether the receiver will be permitted to re-share the file with anyone else.

Hence, chances of data misuse/ abuse are minimized to a large extent.

Conclusion

ARCON| My Vault is an essential information security solution in modern enterprise use cases. It offers a centralized repository to protect, store and share confidential business information and secrets in a secure manner.