Pushfor: a secure way of sharing unstructured data
By pushing rather than sending documents, banks can retain control of sensitive information, helping them stay compliant, writes Mike Williams
Data protection is big news, and rightly so. It’s time for companies that collect, store and use personal data to be held to account. The imminent General Data Protection Regulation (GDPR) coming into force in May is going to do this. Big fines are the stick, happy customers the carrot.
An army of consultants is helping banks prepare for the stricter rules on data protection. There’s lots to do – from clearing out stores of unnecessary data to ensuring that all the required permissions are in place. But most of the focus seems to be on structured data, the term used for organised information. This is held in fields such as name and address, or transaction history. While important, it only accounts for about 20 per cent of all data. Unstructured data accounts for the balance and is by far the more unwieldy beast.
Unstructured data is that held in documents for example. Think emails with attachments including customers’ names and addresses, purchase histories, dates of birth, employment records, employment terms. Just like structured data, unstructured data will also be covered by GDPR and must be protected.
While many banks have put up security walls around unstructured data, to date these walls have proven pretty ineffective. Bans on using personal devices for work matters – sending work emails from your own laptop or phone, for example – are regularly ignored by staff, and encryption is far from failsafe because it’s easy to send the key along with the document. People also duplicate and photograph content. Each time a new copy is made of any personal data, the door is opened to a GDPR breach. So what can banks do?
The obvious solution is not to send the data at all, but to keep it on a server while setting up a gateway to allow viewing access. This is the solution we’ve created at Pushfor.
Pushing content and data is what Netflix does. Once you’ve signed up, you can watch any film you want – but you don’t own it. You don’t control it. In fact, the film never leaves Netflix’s servers and is instead projected onto your screen with all sorts of copying protections in place. The same can happen with content.
The Pushfor app can sit on any device and using it staff can share high-fidelity documents with each other just as easily as using social media or email. And they retain control. In-built protection prevents copying and sharing, watermarking identifies the recipient, and full audit trails allow companies to track who’s seen what, when, where, and for how long. For highly sensitive material, we’ve included the option to frost screens over with the content appearing only where a finger is applied. And any pushed content can be pulled back at the touch of a button – who hasn’t sent emails to the wrong person or group of people?
Pushfor keeps just a single copy of the content in one place – where all the appropriate permissions can be noted and respected. For content that is shared electronically, Pushfor provides the closest to full compliance as is possible. Our patented push technology means content is never actually sent but remains secure at source. Our plug-in API can be fully integrated into any platform and can be white-labeled without additional coding.
But there’s more to it than that, because Pushfor’s analytics capabilities bring further benefits. For example, it’s possible to see how long a recipient has spent on a document – and even the content they focused on most. This can be used to great effect by compliance departments. A compliance officer will be able to tell if a recipient only spent a minute looking through a 40-page document – and then send them a polite notice to be more thorough. This previously uncaptured insight on ‘unstructured’ content use and consumption is a very powerful tool for Marketing departments too. The analytics can track the effectiveness of different campaigns and help turn digital interactions into new sales opportunities, improving customer retention and overall value of the customer.
And let’s not forget the GDPR challenge of the right to forget. Think about the process of filling job vacancies. A company might receive 400 resumés for 10 posts which are then emailed to the relevant departments as part of the selection process. GDPR demands that all those documents be deleted once the job has been filled. Failure to do so could result in a big fine. It’s a compliance officer’s nightmare. With Pushfor you can simply pull back the resume that was pushed and every instance of it will be removed.
Pushfor’s benefits to banks are clear: by eliminating the need to share sensitive data via email or social media, and by offering an easy-to-use and secure method of sharing content, banks can keep content safe. Pushfor ticks the user-friendly box, it ticks the compliance box, and it protects the bank’s reputation, too. So all that’s left to say is Push Don’t Send!
Mike Williams, CEO of Pushfor