Compliance is not only preservation of records to ensure regulatory audit and evidentiary scrutiny, but it is a matter of governance, reputation and integrity. The stakes are high and they are tied to the prosperity of business. The steps towards ensuring compliance involves proactive decision-making on the part of senior management and IT to choose the right solution to efficiently preserve, protect, manage and ensure authenticity of records.
Selecting the right enterprise file sync & share (EFSS) that provides end-to-end file security solution is very important. It should be considered a long-term investment to stay compliant and ensure security, data loss risk mitigation in today’s world of consumerization of information technology and workforce mobility.
Vaultize has been designed as enterprise file security platform that ensures security and protection of corporate files from the time they are created through the time they are being used by end-users on their devices (company-managed or BYOD), within as well as outside the corporate network, and also when those files are shared with outside party. Businesses, particularly in security-conscious and regulated industries rely on Vaultize to ensure end-to-end file security, compliance and data protection.
Retention is a very important part of compliance. It allows enterprise IT to control how the history of all corporate data is maintained, stored and made accessible when the need arises. There might be various use cases for retention including complying with data storage and retention laws/regulations, being able to reproduce (old) data as evidence (e.g. in case of a litigation or court case) or something as mundane as data backup.
In Vaultize, there are two types of retentions:
- Data Retention or File Versioning
- Meta-data Retention or File History
Data retention or File Versioning is about retaining versions of data as it goes through its life cycle – being created, modified and deleted by end-users. Vaultize identifies and stores each and every version of a data item so that any version of data in the past can be retrieved at any time. Versions are always stored in incremental (or differential) form and are also put through the process of block-level global de-duplication, which results in huge savings in storage and bandwidth usage (up to 90% in some cases).
The Vaultize administrator can control data retention by using a Retention policy, which is part of Protection or Versioning policy (screenshot below). Retention policy can be applied at user-, group- or organization-level and, each Retention policy allows the administrator to control how many versions are created, how long they are stored and how versions for data deletions are treated. Administrators can set data retention to be any period of time; if no policy is applied, the policy defaults to 90 days.
Later, IT administrators and end-users can see all the past and current versions of any file and can download or restore any of a file’s versions:
End-users are also allowed to download a “point-in-the-past” snapshot of a folder:
Meta-data Retention or File History is about retaining the history of all meta-data of a data – this includes everything that Vaultize can track including data creation, modification, sharing, download, upload and so on. Vaultize maintains all the accesses at file-, share- and user-levels. By default, all accesses are maintained for 1 year, but this can be configured from the backend. History can also be exported as an Excel sheet and administrator can also set a scheduled report on a file, a user or a share-link.
Here’s a screenshot of a file’s history:
And here’s a screenshot of a user’s history:
The other form of meta-data retention that Vaultize performs is the Audit Trail or Log. This is a non-tamperable log of all activities performed by all Vaultize users including the administrators. This means, it includes all activities like creation and modification of users, groups, policies and settings as well as user activity like login, logout, device access and so on.