Gloucester, United Kingdom, March 05, 2016 --(PR.com)-- Toplevel has added full encryption capabilities to Dual Zone on the Outreach case management platform. Dual Zone partitions and secures case management data using a dual architecture comprising the ‘Encrypt Zone’ for customers to access encrypted data and the ‘Staff Zone’ from where case management staff initiate and control communications. Government-grade AES 256 key encryption has now been added to the Staff Zone, ensuring full encryption of all records and communications in compliance with the Government Security Classifications Policy (GSCP), Data Protection Act (DPA), and the imminent EU General Data Protection Regulation (GDPR).
The need for encryption
The Information Commissioner’s Office (ICO) has the power to issue Civil Monetary Penalties of up to £500,000 for data breaches found to contravene the DPA, and organisations have been fined between £80,000 and £325,000 over recent years. The introduction of the EU General Data Protection Regulations over the next two years will increase that pressure, with fines of up to 4% of annual turnover and mandatory breach notification. The imperative is clear: organisations must have taken the necessary steps to demonstrate data protection and be able to document this due diligence through the use of effective policy, security controls, and technical solutions. The Outreach Dual Zone dual server architecture provides the capability to demonstrate compliance through the partitioning and protection of data using full data encryption on both the customer-facing and staff-facing servers.
How encryption is applied
Dual Zone partitions and secures case management data using managed key encryption and data segmentation. The unique advantage of Dual Zone is the way it encrypts customer-facing records individually, whilst also offering the option to partition customer-facing and staff-facing data into two separate zones with a different encryption approach for each zone.
· The public-facing Encrypt Zone server encrypts each customer record individually by using a different key for each customer record. Because it uses a different encryption key for each customer record, it is much harder for an attacker to compromise. This allows sensitive personal information to be collected and communicated but not stored en masse.
· The Staff Zone server accessed by employees uses Transparent Data Encryption (TDE) to encrypt the database as a whole.
Dual Zone uses the AES 256 encryption algorithm for automatic encryption, together with data segmentation, enabling public sector staff, their customers and outside agencies to collaborate seamlessly on cases.
“Encryption is a key buzzword at the moment but in truth encryption is only part of the story: to be truly effective and workable, encryption must be able to demonstrate effective key management. By using TDE we’re able to ensure that all Staff Zone data is secure with keys rotated as frequently as the organisation requires. But TDE also ensures that databases are both encrypted in-use and when backed up,” explains Howard March, Senior Development Specialist, Toplevel. “Key segregation protects every aspect of the solution, providing peace of mind when it comes to protecting sensitive data.”
Dual Zone – Dual Protection
Dual Zone is a unique dual server architecture option of the Outreach case management solution which allows government, customers and outside agencies to communicate and participate through a single joined-up system while keeping all personal information protected and secure. Dual Zone comprises the ‘Encrypt Zone’ and ‘Staff Zone’ servers, which operate in tandem using a data synchronisation engine common to both servers. Dual Zone now ensures full data encryption across the entire platform with the addition of encryption to the Staff Zone, ensuring all customer data is individually encrypted whether it resides on the external or internal databases. Dual Zone can be deployed in a number of different ways, from an external hosted ‘Encrypt Zone’ and internally housed ‘Staff Zone’, to a fully hosted solution in a datacentre or the Cloud.
“Encrypting data on both the external public-facing ‘Encrypt Zone’ and the internal ‘Staff Zone’ enables the organisation to demonstrate it has taken all conceivable steps to protect user data. That’s essential given the growing sophistication of cyber attacks, the increase in the volumes of sensitive data that government organisations are now handling, and the imminent enforcement of European legislation. Cyber attacks and data loss have seen government organisations consistently top the data breach charts compiled by the Information Commissioner’s Office (ICO). Data volumes are also on the rise as the public sector embraces digitalisation. And finally, there’s the issue of compliance. Local government alone has been fined £2.3m over the past five years for contravening the Data Protection Act (DPA) and the regulatory environment will become even more stringent when the mandatory EU General Data Protection Regulations (EU GDPR) come into force in two years’ time. Organisations will be required to disclose a breach within 72 hours and could face fines up to two million euros. This makes it imperative that public sector organisations act now to protect data as part of their digital drive through the application of segregation, partitioning and government grade encryption,” explained Jane Roberts, Strategy Director at Toplevel.