Month: January 2022

Do you notice the risks you take every day with data? Most of us don’t. And with good reason – we’re not given much of an option to insist on data privacy. If you’re really privacy-savvy, you’ve probably adjusted browser and cookie settings or steer clear of sharing personal information online or via email. Unbeknownst to most however, the information and attachments we share personally and at work are almost never private.

That’s why Data Privacy Week is more important than ever.  Awareness is planting the seed for digital privacy behaviours and future standards for all data. At DropSecure, data privacy is the reason we exist; naturally, we’re committed at all levels to data privacy.

Privacy matters

Data privacy is about how information is protected relative to its importance. Personally identifiable information (PII), health data, and financial details are the holy grail of individual privacy.  For businesses, data that is core to privacy extends further to include information about employees, customers, prospects, and includes operational and financial information.

Why is data privacy so hard?

The reality is that the sharing and ease of access to information is the lifeblood of our digital economy. Over the past decades, the means to share data increased disproportionately quickly and broadly compared to privacy safeguards.  Platforms that enable us to share data – everything from your web browser to email to search engines, social media, and digital payment processing – are the foundation of the digital acceleration and mobility for individuals, businesses, governments, and beyond.

Awareness is half the battle

Statistics on identify theft and fraud are concerning, with research showing a sharp increase in 2020 in complaints of individual ID theft and fraud.  Businesses face even steeper risks and constant threats.  In fact, a lack of privacy is the status quo today rather than the other way around.

Changing the privacy status quo

For most, data privacy is a matter of policy; for us it is who we are. We believe that privacy is a fundamental human right. It is our mission to not only protect but empower the right to keep data secure and private at all times.

DropSecure Data Privacy Pledge

We uphold three promises to our customers:

1. Zero Knowledge: No one, not even DropSecure, can ever access the content of the data shared through our platform
2. Encryption: Ensure customer data is protected with military-grade encryption
3. Privacy: Customer information is private at all times. We never sell customer data.

“Our customers trust DropSecure to share personal data and documents with others via our platform. At DropSecure, we take this responsibility very seriously. Keeping this data secure and private is everything we do. We exist to protect the privacy of our customers and we will continue to do so.”
– Amish Gandhi, CEO, DropSecure.

Way beyond basic compliance

At DropSecure security and privacy are of primary importance. We have extensive experience in safeguarding personal data and helping our customers, that must comply with the highest standards of security (e.g., governments, universities, healthcare organizations, other public authorities, and organizations, such as financial institutions), not only to meet their legal obligations but go beyond to secure data privacy.

Privacy principles and data protection protocols are basic ingredients embedded in the design and architecture of our solutions, technology infrastructure, and business practices. Compliance, risk management, and information security work closely will all areas of the business. We deploy internal audits to regularly tests design and operations to ensure personal data is effectively safeguarded.

Start sharing your data safely

• See how easy sharing files can be without compromising data privacy with a free trial
• Read more about DropSecure and how to protect your business data and ensure shared data remains private

Research Source: https://www.iii.org/fact-statistic/facts-statistics-identity-theft-and-cybercrime

It is believed that approximately one-third (30%) of a person’s life is spent working. While many career and financial goals are achieved during this time, many significant and personal milestones are also crossed as an ‘employee’. The first job, the first house, wedding, children, health, retirement and sometimes even bereavement!

This shows just how much personal information is held by HR departments, not just during an individual’s duration of employment but even after they have left the organisation.

Apart from basic information like name, email, date of birth, residential address, etc., HR departments hold complete dossiers on their employees. Salary, benefits, conditions of employment, sickness, absenteeism, pregnancy, adoption, gender associations, disciplinary and grievances issues, pension, retirement benefits, IRS data, criminal convictions…the list goes on.

Hacking into such a database could be a dream-come-true for data thieves.

Indeed, not all information is held all the time. New regulations guide HR managers in managing this data effectively and responsibly. These guidelines are only getting better and more stringent.

That said, employers and specifically HR managers cannot ignore the weight of the responsibility they carry, nor can they ignore the risk posed by data breaches. Seemingly secure organisations such as the United States Office of Personnel Management (OPM) also fell prey to hackers who targeted approximately 22.1 million personnel records of government employees.

The risks and responsibilities have only further intensified post Covid. With remote recruitment becoming the order of the day, recruitment documents like CV, application forms etc., and new starter documentation such as Form I-9, photographs, passport copies, employment authorisation cards etc., are being freely exchanged over insecure platforms like emails, chat applications and image sharing portals. Other highly confidential and sensitive information generated throughout the employee lifecycle, such as sickness data, family matters, disciplinary and grievances issues, pension details, etc., are also exchanged in the same insecure manner.

According to ‘Latest Hacking News’, an ethical hacking portal, employees whose data gets stolen due to employer negligence could be eligible to sue the employer. Data Breach Notification Laws for each state stipulate in great detail, the steps to be taken in case of a breach. It is anyone’s guess that the costs involved, the loss of reputation and the administrative burden is a rabbit hole that is difficult to come out of. And certainly, one to avoid!

A pro-active and systematic approach towards avoiding this risk rather than taking corrective knee-jerk reactions after the damage has been done is clearly a better option.

DropSecure is one such platform that uses military-grade, multidimensional and dynamic encryption methods to safeguard data.

DropSecure uses randomly generated AES 256 bit symmetric keys for securing data transfer. This ensures that data shared between you and your employee/colleague via DropSecure leaves devices fully encrypted and secured. A two-factor identification process is then used before issuing a decryption key/OTP to the intended recipient before it can be accessed. The File Vault Protection option can further safeguard any data saved by users on DropSecure servers by using ‘public key cryptography’.

Such features make DropSecure particularly suitable to exchange new starter information with zero risk.

What makes DropSecure different and better than other encryption platforms is that it requires no software installations and needs no passwords. What’s more, managers can set expiration dates, control and revoke access on files and folders, thereby ensuring that data is held only by the rightful owners and disposed of when the need is fulfilled. A remarkable feature when dealing with HR case work.

Zero Knowledge transfer further ensures that DropSecure themselves have absolutely no access to client information.

So really, no data is ever lost; and certainly, never found in the wrong hands.

With simple pricing solutions and FINRA, SEC and HIPPA compliance, DropSecure provides stress-free solutions for effectively safeguarding data while ensuring legal compliance.

DropSecure’s mission is to simplify your communication and sharing needs without knowing the contents of your data. To that extent, you can rest assured that your data is in your control.

Get secure with DropSecure cyber security’s 7-day free trial today.