Transfer General is disrupting the confidential data market by enabling companies to share and archive encrypted data.
TGM – A hardened virtual appliance deployed next to the source of the data-to-be -shared/archived. The data is ingested into the TGM and the TGM encrypts it as soon as it receives it. Only you have access to the data encryption key. One TGM can support multiple partners.
TGR – A hardened virtual appliance deployed within the partner’s network in the DMZ. The TGR decrypts the shared data and grants access to authorized users. The TGR can not operate independently. It must be paired with a TGM and it can only be paired with only one TGM. The TGM administrator controls all paired TGR devices and is able to cryptographically deny access to the data that is stored within a TGR even without network access to it.
Storage bucket- The storage bucket is used to store data while it is being shared with multiple partners or acts as an endpoint if the data is being archived. The main benefit of using a cloud storage bucket when the data is being shared with multiple partners is to conserve computing resources by offloading data transfer from the bucket to various TGR’s. However, it’s important to note that the data stored in the storage bucket is always encrypted thereby mitigating the possibility of a compromise due to cloud IAM misconfiguration or an insider attack.
The Transfer General is an ideal solution for sharing highly sensitive data with multiple partners located in geographically dispersed locations. It is a particularly suitable solution for regulated industries that share data with their partners and can be held liable for a data breach due to inadequate security measures put in place by their partner.
The Transfer General encrypts data before it is shared with a partner. Once the data is shared with a partner it remains encrypted since it is stored in a device (TGR) that you provide to your partner as part of the setup. This hardened device sitting within the partner’s DMZ keeps the data safe and allows access only to authorized users.
Just because the data has been shared does not mean that you lose control over it. The TGM administrator can cryptographically deny access to the data that is stored within a TGR with or without gaining access to the device. Also, the TGR is designed to provide access on need-to-know basis.
Large data sets consume lots of computing power and/or bandwidth to share with multiple users. However, the Transfer General moves the encrypted data into a storage bucket so it can be shared with multiple partners without impacting your own corporate computing resources. It is worth noting that only encrypted data is stored in the storage bucket eliminating any possibility of disclosure due to cloud misconfiguration or due to an internal attack by a rogue storage administrator.
The Transfer General enables you to archive your regulated/sensitive data in private and public clouds so that you can cut down on your storage cost without exposing yourself to risks stemming from a data breach or non-compliance.
Since the data is encrypted before it leaves your network you know it’s safe to store it in a cloud platform. You can retrieve the encrypted data at any point and then decrypt it within the safety of your own network.
With data-at-rest encryption done on-premises, the Transfer General makes it easy for enterprises to store their regulated/sensitive data in a cloud storage bucket while preserving the sanctity of their data and ensuring compliance to avoid costly penalties.
Retrieve encrypted data from the storage bucket and decrypt it within secure confines of your own network at any time. This way you can maintain the integrity and confidentiality of your regulated data.
Take advantage of cloud economics by leveraging low-cost long-term storage without exposing yourself to any liability due to non-compliance or a successful data breach.
This site uses Google cookies to provide services and analyze traffic.
Copyright © 2021 SERVERGENERAL