Contemporary Solutions for Data Archiving

Learn more about our products and services

TOP REASONS YOU NEED
TO ENCRYPT YOUR DATA


 


sevenLost or Stolen Devices

There are a lot of ways these devices can disappear: accidental loss, malicious employees, lack of tracking, etc. According to hhs.gov, since September 2009, there have been 646 breaches impacting 500 or more individuals. More than half of the incidents involved lost or stolen unencrypted devices.

The headlines are out there:

  • Four McLean Hospital backup data tapes go missing, thousands affected - four unencrypted backup data tapes went missing.
  • UK Insurer (Royal Sun Alliance) loses portable storage device from data center with sensitive customer data.
  • Employee with California bank puts customer loan data at risk - An employee handled mortgage loan files stored on a removable disk drive in a manner contrary to the bank's policies and instructions
  • California dentist announces theft of server containing patient information – (office burglary)
  • Data at risk following burglary at Liberty Tax Service office in California - Computer towers containing the personal information were stolen during a burglary
  • Advocate Medical Breach - four unencrypted computers stolen during an office burglary

sixYou may incur many additional expenses including the cost of reissuing cards to customers

If the breach involves credit card information, the cost of reissuing cards can likely fall to you. According to a Bank Technology News article, the cost of creating and mailing a new debit card for a small community bank under $1B in assets is around $11. Larger banks have economy of scale on their side, which brings the cost down to $2.70. Reissuing credit cards ranges from $12.75 to $2.99 for the larger banks.

  • On top of the $25M AT &T settlement, the company was ordered to:
    • Develop and implement a comprehensive compliance plan
    • Conduct a privacy risk assessment
    • Implement an information security program
    • Prepare a compliance manual
    • Provide employees with regular training on privacy law and the company's privacy policies
    • Appoint a senior compliance manager who is privacy certified
    • Notify all affected customers and provide them with free credit monitoring services
  • Target Corp. agreed to reimburse thousands of financial institutions as much as $67 million for costs incurred from a massive 2013 data breach

fiveYou could face potential lawsuits by individual customers in the event of a breach

A breach of personal information can be very damaging to customers. Suits can range from large class action to individual breach victims. Plaintiffs can seek damages for damage to credit, costs of credit and/or identity theft monitoring, costs of card replacement, risk of future harm, emotional distress, fraudulent purchases, and more. Example:

  • A law firm has initiated a class action lawsuit against Home Depot for the exposure of 56 Million debit and credit card numbers. According to a New York Times interview with former security employees of the company, Home Depot security allegedly relied on outdated software to secure its systems.

fourYou may incur the costs of a forensic investigation conducted by an independent agency

Determining how the breach occurred, who was responsible, and what technology, electronic systems, and processes were involved will require analysis. Depending upon your industry, or simply for the reassurance of your customers, you may be required to secure these services from independent agencies. Most regulatory bodies will require a full justification of how the breach occurred and what actions were taken to remedy the situation. This can be quite costly, particularly to a small business. Example:

  • Homebridge retained a data forensics and cybersecurity firm to assist in investigating the incident after valuable human resource records were accessed and used to file fraudulent tax returns.
  • HITRUST, a data security organization, paid for an independent security assessment program for associates of five insurance plans and pharmacy chains after their systems were hacked expositing 111 health records.

threeSmall businesses are potential targets

Small business typically do not have the resources of large companies or dedicated professionals to handle network issues and subsequently fall prey to hackers, cyber attacks and other data breaches.

  • Business News Daily reports “ that small businesses fall into hackers' cybersecurity ‘sweet spot’. They have more digital assets to target than an individual consumer has, but less security than a larger enterprise.”
  • Symantec’s Internet Security Threat Report 2013 reports that In 2012, 50 percent of all targeted attacks were aimed at businesses with fewer than 2,500 employees.
  • The National Small Business Association Technology Report indicates that in 2013, 44% of small businesses reported having been attacked with an average cost of $8,700.

twoYou can experience damage to your business reputation

A breach does not just damage large businesses with known brands. Small firms, doctor and dental offices, and corner markets equally can experience reputation and brand damage due to data loss or breach.

The Ponemon Institute conducted a survey of nearly 850 executives, found that the average time it takes to restore an organization's reputation is one year. Do you have a year to devote to recovering from damage to your reputation? Wouldn’t it be much easier just to encrypt your data?

A research study commissioned by Semafone® indicates that the majority of people surveyed would not do business with a company that had failed to protect its customers’ credit card data. 86.55% of 2,000 respondents stated that they were “not at all likely” or “not very likely” to do business with an organization that had suffered a data breach involving credit or debit card details.

AND THE #1 REASON...

one$ $$ Fines and Penalties – Need we say more?

Pay now or pay later. Encryption is far less expensive than a data breach. The list of businesses and organizations that have had to pay fines and penalties due to a data breach is becoming endless and the fines are staggering.
Here are just a few:

  • Target: the firm's latest earnings report indicates that the net expense of the breach stands at $162 million. The actual total has now reached a gross expense of $191 million.
  • AT & T: $25 Million
  • Anthem: $1.7 Million

Healthcare faces the greatest penalties here are some from the hhs.gov website:

  • Parkview Health System, Inc. (Parkview) will pay $800,000 and adopt a corrective action plan to correct deficiencies in its HIPAA compliance program.
  • New York and Presbyterian Hospital (NYP) has agreed to pay OCR $3.3Mil to settle potential HIPAA violations
  • Idaho State University (ISU) has agreed to pay $400,000 to the U.S. Department of Health Human Services (HHS) for violations
  • Phoenix Cardiac Surgery, P.C., of Phoenix and Prescott, AZ, has agreed to pay the U.S. Department of Health and Human Services a $100,000 settlement

ASTI Advances Safeguarding of Critical Enterprise Assets with New Encryption Module

Businesses and organizations can now protect critical archived data against data breach, theft, and public exposure incidents while maintaining compliance with regulatory and corporate mandates. ASTI’s Encryption and Key Management module is specifically developed to seamlessly secure and control access to data on-premises, in the cloud, and on removable media, while maintaining control of encryption policies, access rights, and authentication.

Colorado Springs, CO, 20 August 2014 - Alliance Storage Technologies, Inc. (ASTI), the leader in professional data archiving solutions, today announced their FIPS 140-2 compliant Encryption and Key Management feature, designed to safeguard valuable corporate data assets. With the security advantage of encryption, business executives across all industries can be confident and assured that their critical data assets are secure, protected, and shielded from unauthorized access.

“Companies and governments across the world are increasingly adopting data encryption to ensure the security of valuable data assets,” explained Chris Carr, ASTI CEO. “ASTI’s Encryption solution ensures that all archived data is protected from unauthorized access and meets government regulatory mandates. This provides protection from data breaches and prevents legal non-compliance, penalties and issues associated with negative publicity. Its powerful enterprise class features seamlessly integrate with ASTI’s archiving solution and complements offsite and Cloud-Integrated Storage providing a very cost effective solution that instills confidence in data security.”

ASTI asserts that their data archiving solutions have always offered the highest level of data protection by securing data unaltered for periods greater than 50 years. However, the enhanced security level provided by encryption enables customers to comply with industry regulations making it a must have feature. Our customers within the healthcare and financial industries and court systems are requesting the new feature.

“Encryption assures compliance with stringent industry regulations such as the HIPAA HITECH act and Payment Card Industry (PCI) security standards, and can be used to protect court records as well,” indicated Tim Summers, VP at ASTI. “ASTI’s AES-256 bit encryption meets compliance standards for archived data retained past 2031 and offers defense against corporate espionage and malicious attacks, while preventing unauthorized access due to theft or loss of physical media.”
The company’s encryption feature adds an additional level of security to the powerful Archive Management Software (AMS), an integral component of its data archiving solutions. Implementation of the feature takes only minutes with archiving policies that enable protection of data stored locally, remotely or in the cloud. Tightly integrated user authentication and access controls (with Windows Active Directory and Unix/Linux LDAP), eliminate additional system administration burden and ensure that only authorized personnel acquire access to decrypted data.

With key management being a critical component of any encryption solution, ASTI’s implementation ensures security and availability of keys by providing compliant protection techniques. This includes encrypting all file level encryption keys and securely vaulting them before use in on-premises or off-site cloud key vaults, ensuring keys are always available for disaster recovery and maintaining user control.

Data Archiving Leader Alliance Storage Technologies Releases Enterprise Class Cloud-Integrated Storage Solution

Alliance Storage Technologies, Inc. (ASTI), continuing its focus on enterprise-class data archiving solutions, has brought to market a Cloud-Integrated Storage option as part of its line of NAS based Archive Solutions. This solution provides customers with seamless access to a new cloud-based archive storage tier for archive data storage and offsite backup and recovery, while still meeting corporate and industry-based compliance and regulatory mandates at a reduced total cost of ownership.

22 July 2014 - – Colorado Springs, Colorado - Alliance Storage Technologies Inc. (ASTI), the leader in professional data archiving solutions, has announced the availability of their enterprise-class Cloud-Integrated Storage (CiS) data archiving solution. The unique new solution merges optical storage with the cloud supporting the company’s focus on compliant data archiving across all industries including legal, healthcare, law enforcement, and more.

The introduction of the new archiving tier permits businesses and organizations to utilize cloud, optical or both for archiving data which ultimately results in the implementation of a flexible, adaptable archiving ecosystem. The integrated solution offers centralized data management with seamless access to the cloud storage tier. This enables cloud on-boarding without risk or loss of control over data. Additionally, the low total-cost-of-ownership of the cloud makes it attractive as an alternative for offsite copy, backup and recovery of archive data.

“The ASTI CiS solution adds to the array of affordable options for archiving data empowering customers to store data securely at required price points,” explained Chris Carr, CEO. “This unique flexibility, not previously available, enables businesses and organizations to implement an archiving ecosystem well-suited to their operational requirements and needs for regulatory compliance, offsite storage for disaster recovery, high-availability and long-term preservation of data.”

CiS is a natural progression to the company’s product strategy of adhering to storage industry 3-2-1 Archiving and Data Protection Best Practices. The 3-2-1 guidelines recommend a rapid access copy of data be accessible locally (RAID), with 2 copies on different types of media (fulfilled by cloud or optical), with at least 1 of the data copies stored off-site remotely or on removable media (cloud or optical). File virtualization provides virtualization of archive storage across disparate storage resources including RAID, Cloud and Optical. The increased archiving options offered by the solution make it simple for businesses and organizations to adhere to the guidelines.

ASTI’s cloud solution is implemented within the company’s Archive Management Software, developed specifically for data archiving. This enables powerful enterprise-grade features adaptable to any sized business or industry. Cloud offers a lower cost alternative to high-availability hot sites and is an excellent option for organizations such as regional hospitals with requirements for maintaining backup copies of data at remote data centers located at least 75 miles from the primary center.

CiS provides tangible business benefits such as thin provisioning that enables users to pay only for storage resources utilized, thin restore that facilitates expedient recovery in disaster recovery situations and on-premises control of user authentication and access. Users can implement additional features that augment the CiS archiving ecosystem including replication for high-availability and data encryption with key management for securing data.

The company has a long history of providing affordable compliant archiving solutions that meet regulatory and corporate mandates enabling customers to preserve data unaltered for periods of up to 50 years. The new advancement integrating cloud solidifies its position as the premiere provider of data archiving products. Systems are suitable for any business, government, or industry from small organizations to the largest enterprise. 

Customer Testimonials

Read what our customers are saying about us.

Sangamon County Ciruit Clerk's Office

“Our major issue was time lost chasing documents. With the implementation of the archive solution, retrieval times went from DAYS to SECONDS.”
Tony Libri, Sangamon County Circuit Clerk

Southeast Louisiana Veterans Health Care

“We had to determine what information was retrievable among the absolute chaos of the first week after Katrina…We were able to recover all of the patient images off the Plasmon libraries…We are now primarily using the Plasmon’s UDO Archive Appliance for its long-term recoverability.” – Kenneth Allen, Health Systems Specialist

AGFA Healthcare

“Ensuring that we could provide a PACS archive solution that helps customers meet HIPAA compliance at a reasonable cost was a critical requirement. This was guaranteed with the performance, longevity, and authenticity of the UDO Archive Appliance.” – Lenny Reznik, Director Enterprise Imaging and Information, Agfa Healthcare.

 

Login