February 13, 2017
Syncplicity delivers Privacy and Data Protection by Design
By Brian W. Levine, Syncplicity Security and Compliance Officer
As RSA 2017 kicks off, it’s exciting to look out at today’s security and privacy horizon and see how Syncplicity is uniquely positioned to help enterprises meet the most critical challenges in data protection and digital workplace transformation.
It’s almost a cliché to state that we have seen tectonic shifts in global privacy and security over the last 18 months (but I’ll recap anyway). Consider the rise of IoT botnets crippling the internet, corporations held hostage by crypto-ransomware, and nation-state hacks targeting US elections. In the privacy realm, the US-EU Safe Harbor treaty for data transfer was thrown out and its upgrade, EU-US Privacy Shield, stands on trial to decide if it will face a similar dismissal. Further, the EU-GDPR go-live date looms, and companies slow to adapt will be sure to find themselves in a courtroom facing fines starting at the entry-price of 20 Million Euros per violation. Deep breath, yes these are interesting times.
While cyberattacks increase and data protection laws are in flux, one thing is certain; a proactive transformation strategy which places user privacy and the protection of company data at the foundation is the clear route through the shifting landscape. Leading with these principles, Syncplicity has developed innovative solutions to meet these challenges, while enabling digital transformation and empowering your mobile workforce.
For our customers, the concepts of data protection by default and privacy by design mean that we place confidentiality and privacy of personal information and company data as primary requirements. Here are examples of how this design objective is embedded into our products and processes:
- While the physical location of data has become an increasing concern, Syncplicity’s hybrid cloud architecture offers multiple options to address data sovereignty. Customers choose where to host their file storage - on-premises, in a private cloud, or in one of Syncplicity’s regional public clouds. Policy-driven storage allows multiple storage locations to be defined within a single tenant account, meaning users have a seamless sharing experience while the back-end infrastructure complies with global data protection concerns.
- In 2016, we launched Syncplicity PrivacyRegions, an innovative solution which ensures personal information and company meta-data is stored and processed only in the local PrivacyRegion, and is not subject to cross-border data transfer regulations. The additional protection comes at no cost to the user experience; users can still seamlessly share files with trusted recipients in any geographic region.
- Fears of government action and potential ‘back doors’ in technology products have sparked a fever pitch of scrutiny and will continue to be debated topics in this environment. StorageVault Authentication is a patented security control that ensures it’s technically and physically impossible for Syncplicity to provide third-party access to customer data, as well as restricts insiders from any unauthorized access. This zero content knowledge approach ensures compliance with the most secure data processing and confidentiality requirements.
- Visibility and transparency is critical and we provide compliance certifications and audit reports for all our systems, processes, and data-centers. We have partnered with TRUSTe to validate our privacy practices and certify our commitment to privacy protection, choice, and accountability.
- Enterprises need to be proactive, not reactive, to ensure confidentiality and prevent data leakage before it becomes an issue. Our rich set of group-based policies and access controls allow companies to set the right level of data protection based on a user’s specific profile.
- End-to-end security controls like Syncplicity’s Secure Shared Files applies an encrypted rights management container around documents, so that when files are sent externally, they remain protected and the enterprise maintains ownership of encryption keys.
- Customers should not have to choose between security, privacy, and a great end-user experience. As we know, if you impede user productivity, users will find their own insecure alternatives. Syncplicity’s clients and Web apps are designed to enable frictionless productivity and collaboration without compromising on security and privacy.
- On every project, our developers perform an impact analysis to evaluate potential security and privacy issues before writing a single line of code. We use multiple third-party security teams to penetration test our systems using a variety of attack vectors and techniques.
Syncplicity has committed to delivering the highest levels of security, data governance, and privacy available in the file sync and share market, and we continually engage with our customers, R&D, and support teams to unlock new use cases for user productivity and enterprise transformation.
We welcome the challenges of 2017 and beyond and are passionate in our belief that we offer a unique value proposition to address today’s secure file sharing requirements. We look forward to engaging with you at the RSA Conference to demonstrate first-hand how we empower the digital workplace and modernize IT infrastructure while maintaining the highest levels of data protection and privacy.
P.S. Be sure to stop by our booth #N4243 to learn more and also receive a coffee mug with a #hashtag you will find interesting, and as always we welcome your thoughts and comments @Syncplicity @BrianLevinePM