Use Cases
Data at Rest
More than 85% of the data within an organization is unstructured and out of that about 75-80% are considered dark (never accessed) or rarely accessed data. This data includes industry-specific data such as clinical trial information for the healthcare sector, data for the industrial and manufacturing sector, PII data etc.
Most of the data is not very frequently transmitted, shared, used, and often referred to as legacy data or data at rest. This type of data is generally stored in a single central repository (file servers, public/private cloud repository etc), with little or no security. Even with AES encryption, organizations are faced with the hassles of key management, thus making them vulnerable to single point of failure. This kind of data, if leaked, could cause severe damage to the organization in terms of business continuity, loss of revenue, reputation damage and fines.
SplitByte helps secure this sensitive data for organizations by using its patent pending algorithm, and ensures the highest level of protection. SplitByte puts encrypted fragments of data in multiple geo-dispersed locations, so that even if a breach occurs at one of the locations, zero information is revealed. The data can still be retrieved because of the application’s redundancy capability.
Data in Motion
Information is constantly exchanged over TLS/SSL channels for day-to-day communication. These include sensitive data being shared amongst the Company CXO’s like board meeting documents, acquisition/merger documents etc.
As the information is being transmitted it is under constant threat of being compromised. This becomes a matter of serious concern especially for federal agencies where the Army, Navy etc are sharing classified information during operations.
SplitByte’s technology provides a unique solution to this problem. Using SplitByte’s technology, one can chard the data into multiple pieces encrypt it with a keyless cipher, and send each piece separately over TLS/SSL using the same channel or in parallel over multiple channels. For military grade information, decoys can also be used in between the real splits to provide further obfuscation.
Data at Death
Data lifecycle management is a prime concern today, and organizations want to have sound data retention and aging policies in place. Based on records management and compliance requirements, a certain retention period is determined for the data, after which it should be deleted (Data at Death). But even then, organizations are afraid to delete the data in case they may potentially need it for future e-discovery.
Contrary to that, under the new GDPR and CCPA laws, the
customer has the right to demand for all their data to be deleted by the organization. Non-compliance will result in hefty fines that are pegged to a percentage of the overall revenues.
Deleting this data lowers the risk associated with it in terms of legal exposure, however, the organization would now lose access to the data permanently. Thus, organizations are faced with a dilemma where one law forces them to delete the data while the other asks them to retain for ediscovery purposes.
SplitByte offers a unique solution where the data is digitally buried and the threshold quorum of splits needed to retrieve the data includes an privacy ombudsman. Smart contracts can be set up so that the deleted data can only be “exhumed” if ombudsman validates the reason for retrieval.