ENCRYPT AND THEN SHARE | CONTROL REMOTE DATA STORAGE LOCATION | REVOKE ACCESS AT ANY TIME | MITIGATE DATA EXPOSURE RISK
Encrypt First – Share Later
Transfer General is disrupting the confidential data market by enabling companies to share and archive encrypted data.
Transfer General is disrupting the confidential data market by enabling companies to share encrypted data.
Mitigate data transfer risk by encrypting data before sharing or archiving.
Transfer General is disrupting the confidential data sharing market by enabling companies to share encrypted data sets. The data owner can heave a sigh of relief knowing that the data that is being shared is safe because it’s encrypted on-premises and can only be decrypted on an authorized device by an authorized user at the other end. The Transfer General has two components – Transfer General Main(TGM) and Transfer General Remote(TGR).
TGM – TGR – Storage Bucket
TGM – A hardened virtual appliance deployed next to the source of the data-to-be -shared/archived. The data is ingested into the TGM and the TGM encrypts it as soon as it receives it. Only you have access to the data encryption key. One TGM can support multiple partners.
TGR – A hardened virtual appliance deployed within the partner’s network in the DMZ. The TGR decrypts the shared data and grants access to authorized users. The TGR can not operate independently. It must be paired with a TGM and it can only be paired with only one TGM. The TGM administrator controls all paired TGR devices and is able to cryptographically deny access to the data that is stored within a TGR even without direct access to it.
Storage bucket- The storage bucket is used to share data with multiple partners. The main benefit of using a cloud storage bucket when the data is being shared with multiple partners is to conserve computing resources by offloading data transfer from the bucket to various TGR’s. However, it’s important to note that the data stored in the storage bucket is always encrypted thereby mitigating the possibility of a compromise due to cloud IAM misconfiguration or an insider attack.
The Transfer General is an ideal solution for sharing highly sensitive data with multiple partners located in geographically dispersed locations. It is a particularly suitable solution for regulated industries that share data with their partners and can be held liable for a data breach due to inadequate security measures put in place by their partner.
Share Highly Sensitive/
Regulated Data With Your Partners
Mitigate Partner Risk
The Transfer General encrypts data before it is shared with a partner. Once the data is shared with a partner it remains encrypted since it is stored in a device (TGR) that you provide to your partner as part of the initial setup. This hardened device sitting within the partner’s DMZ keeps the data safe and allows access only to authorized users.
Maintain Control Over Shared Data
Just because the data has been shared does not mean that you lose control over it. The TGM administrator can cryptographically deny access to the data that is stored within a TGR with or without gaining access to the device. Also, the TGR is designed to provide access on a need-to-know basis.
Conserve Compute Resources
Large data sets consume lots of computing power and/or bandwidth to share with multiple users. However, the Transfer General moves the encrypted data into a storage bucket so it can be shared with multiple partners without impacting your own corporate computing resources. It is worth noting that only encrypted data is stored in the storage bucket eliminating any possibility of disclosure due to cloud storage misconfiguration or due to an internal attack by a rogue storage administrator.
Archive Highly Regulated / Sensitive Data Using Cloud Storage And Maintain Confidentiality of Your Data
The Transfer General enables you to archive your regulated/sensitive data in private and public clouds so that you can cut down on your storage cost without exposing yourself to risks stemming from a data breach or non-compliance.
Since the data is encrypted before it leaves your network you know it’s safe to store it in a cloud platform. You can retrieve the encrypted data at any point and then decrypt it within the safety of your own network.
Store Regulated Data Securely
With data-at-rest encryption done on-premises, the Transfer General makes it easy for enterprises to store their regulated/sensitive data in a cloud storage bucket while preserving the sanctity of their data and ensuring compliance to avoid costly penalties.
Retrieve Data Anytime
Retrieve encrypted data from the storage bucket and decrypt it within secure confines of your own network at any time. This way you can maintain the integrity and confidentiality of your regulated data.
Lower Your TCO
Take advantage of cloud economics by leveraging low-cost long-term storage without exposing yourself to any liability due to non-compliance or a successful data breach.
See How It Works
Enterprise-grade Data Security and Compliance
The HIPAA Act requires covered entities to provide public notification upon discovery of a breach of unsecured ePHI (Electronic Patient Health Information) involving more than 500 records. However, ePHI that is secured via encryption does not trigger the breach notification requirement. SG-TDE-AnyCloud can help covered entities to gain protection under the Safe Harbor provision of the HITECH Act by helping them transparently encrypt their ePHI stored in a database or a file server, hosted on any cloud platform.