Why is it important to certify digital data and content?

Digital data/content is central to our daily and business life now, whether it be text, images, audio or video. With the advent of the Internet and mobile computing we are avid creators and users of digital content. As creators we are concerned with ensuring what we create whether it is an email, document or image as examples, remains and are used as we intended and are not misused in any way. As consumers of digital information we want to be able to trust in digital content we receive and use, know its source and that it is accurate and authentic. However we all know how easy it is to copy or change digital content/data either accidentally or maliciously. One of the big advantages of the digital world is that digital content/data is easy to view, copy, manipulate and process. Its strength is also its weakness. So the question is how do we protect the integrity of digital content/data we create? And how do we trust digital data and content we receive and use?

Let us consider some of the reasons we need to consider doing more than we do today:

Why we need to certify Digital Data & Content?

·         Want to be able to prove ownership and copyright of digital content

·         Want to know if content published on web site or issued has  been tampered with

·         Want users of content/data to be able to trust it

·         Want to be able to prove to authorities and management that the information is in compliance with process, standards and regulations

·         Want to be able to use it as irrefutable evidence of  ownership and the authenticity of their original content or data as evidence in a court.

·         People, Organisations and 3^rd parties make important decisions based on digital data/content, these decisions can have negative consequences so creating confidence and an audit trail for digital data can create that confidence and history

·         Should there be a question, concern, audit or challenge to the integrity, authenticity and provenance of digital content/data being able to prove beyond doubt these elements will avoid issues and possibly penalties.

How can I quickly and cost effectively create an independently certified record for the provenance, authenticity and integrity of my digital content/data?

Using a service like Digiprove will quickly solve the problem, it is fast to register, use and integrate into your process and software. You can then automatically (Autoprotect), manually or at scheduled time or events ensure some or all of your digital content/data is certified.

A good solution like Digiprove will:

·         Create unique digital fingerprint for each piece of content and/or data using industrial strength encryption algorithms such as SHA-256.

·         Send that fingerprint to the secure independent proof engine in the cloud where it will be date, time and location stamped and combined with your metadata into a digital certificate.

·         All details will be recorded in a traceable and verifiable audit file and the certificate returned to you as well as being stored.

This is in effect your insurance certificate that is fully traceable and can be verified at any time. It is your undisputable evidence that you own the exact content, at a point in time.

That’s all very well, but how do I know the integrity, authenticity and provenance of the digital content/data remains intact and as originally intended and it has not been changed?

There are two key areas that must be considered, and these are covered in the Digiprove technology.

·         Verification of the integrity of digital content/data. You decide how you want to do this, it can be done manually at any time, automatically using “Autoverify” or integrated into your process-application to occur on specific events and/or at specific times with warnings highlighted should there have been a change or tampering. (Positive verification re enforces confidence and trust)

·         Evidence, It’s your digital certificate and the Digiprove record that enable you to prove ownership and integrity beyond all doubt, and in the event there is an incident or case where there has been inappropriate use or tampering you have certainty as to provenance, integrity and authenticity.

 Again using the insurance analysis, your certificates are the evidence you are protected, verification provides the evidence to the assessor of the circumstances that exist at a later point in time, and should there be a legal or regulatory case the authorities can trust.

For more information

Sign-up for a free 1 months trial

 ( https://www.digiprove.com/secure/subscribe.aspx )

Verify content

(https://www.digiprove.com/secure/DigiverifyFile.aspx )

Join entrepreneurs program and integrate Digiprove (http://protect.digiprove.com/entrepreneur-program )

Protect your Wordpress website or Blog (http://wordpress.org/extend/plugins/digiproveblog/)

 

 

Embed Trust, Compliance & Protection in Software & Data

Introduction

Your software whether COTS or Bespoke brings to your client’s or your own organisation the benefits of automation and the flexibility of digital processes & content, these benefits are indirect when you consider the primary drivers are likely to be Improve Financial Performance, Customer or Citizen Service, or carry out tasks that would not be practical to carry out manually.

Software Applications or Information systems are central to the creation and flow of Information in every aspect of business life today, they support every function in the organisation and decision making at every level from the front line or shop floor up to the board room and for external parties.

Your business/organisation is providing these software products and IT solutions to your client’s/end user’s and they are central to their business processes, legal and regulatory compliance. So why is there so much emphasis on printing and signed paper records? The answer is “Trust”. Digital data & content can be easily manipulated accidentally or maliciously even with what would be perceived as good IT security. A professional malicious hacker can circumnavigate most standard security and the use of elaborate security solutions can be very costly and make usability an issue.

How do you bring trust to the digital content your application creates, handles or uses, in a simple cost effective manner? If your software ticks all the boxes below, then you have a compelling proposition, if you don’t tick all the boxes then don’t worry by doing a quick free integration of Digiprove technology or alternatively installing Autoprotect from Digiprove you can secure the trust of any user or 3^rd party in the information your solution provides:

þ Provenance of any digital content can be established (Origin)

þ Digital content can be verified as it is used or at any time on and off line (Tamper evidence)

þ Tamperproof & Auditable logs of content history (Life cycle events)

þ Content does not leave its operating environment (Remains Confidential)

þ Meets Legal and evidential requirements for eDiscovery, Spoilation identification and preservation.

þ Meets business and regulatory requirements for digital signatures, digital records, and Integrity.

þ Creates unique digital fingerprint and certification for any type of digital content.

What Value will the integration of Digiprove into our solution bring?

·         It enables your software solution stand out from the competition by ticking all the boxes above.

·         It enables trust and confidence for all stakeholders in the digital content integrity, its provenance is assured and any tampering identified.

·         It secures the evidential value of digital content for business decisions and for any 3^rd party investigation (which may include eDiscovery)

·         It will enable compliance with 3^rd Party requirements, such as regulators, government & auditors.

·         It will allow you operate without any paper in your process

·         It will differentiate your software solution.

How does Digiprove achieve this? And what is Digiprove’s evidence?

Digiprove is a unique patented technology process that without the need to transmit your digital content to Digiprove, creates a unique digital fingerprint of your digital file(s), it securely registers the fingerprint with the metadata such as owner, Date, Time, Location and creates an audit trail so that should the digital content be altered in anyway it will be evident on verification. Verification can be completed on or off line or can be fully automated using a component from the Digiprove Software Developers Kit.

Our evidence is that we already have over 5000 users and specifically using our SDK it has been integrated into software/solutions with applications in compliance such as Financial Services, Human Resource Management, Financial and legal. In addition The Georgia Technology Institute, the world’s leading authority on Digital Security has tested and verified Digiprove’s technology and here is what they say:

“… the process described in the patent does indeed provide a tamper-proof way to show that digital data has not changed since its timestamp. The process also provides a provision to validate any alteration made after it has been time stamped… the software does faithfully implement the patented 'Digiprove' process providing an authenticated method for establishing proof of existence and possession of digital content of any kind.”

Data Protection & Digital Content in HR: How To Draft A Policy

http://protect.digiprove.com/human-resources

We know that the aim of a data protection policy is to ensure that employees are aware of their own rights, and of their obligations concerning personal data processed by their employer.  The purpose of a data protection act is to enforce compliance from employers to make sure they carry out their obligations to the employee. So, who is a data protection policy for, and what exactly can it do that benefits a HR department?

A data protection policy is not only for the benefit of full time employees. It could be used to protect contract workers, agency staff and other kinds of workers too. In the HR department, it is particularly important that employee data is protected; especially considering it’s the department that all major employment decisions go through. This kind of data requires high security and proof of authenticity.

How do we go about formulating a data protection policy?

A lot goes into designing a data protection policy, but here are a couple of points to get you started. A general data protection policy should:

·         Identify a person within the organization who will have responsibility for ensuring that the employer complies with data protection regulations. This person will usually be a senior figure in the HR department.

·         It should ensure that employees are fully aware of any data held about them, and that they understand how this data could be used and disclosed. It is normal practice that an organization will use personal data like salary and pensions, and this will be held on an electronic device. The depth of this data could go further, for example employers may keep health records for reference.

It is vital that employee data held on organizational systems can be transparent and trustworthy. That’s where Autoprotect comes in as an asset to the HR department in maintaining legitimacy of files, and supporting their data protection policy.

The above are just two points about what a data protection policy should enforce. For further information, make sure to keep your eyes on our blog.