docTrackr’s DRM Architecture
The current data security model is broken. Traditional technology components of policy enforcement have focused around controlling access to content. These solutions control access to a corporate file-sharing platform, protect assets behind a firewall, or use hard disk encryption.
docTrackr’s technology answers this exact problem, applying cryptography to document management with a file-based, persistent content protection solution. With docTrackr, documents are protected even when they leave an organization’s internal infrastructure. Publishers of confidential documents can remotely control who can view their content, what they can do with it, and even destroy documents.
Our Client App Connects to SaaS Platforms
docTrackr’s technology connects to SaaS platforms such as Box, Google Apps, and SharePoint. We enable businesses and the individuals that run them to secure sensitive financial documents, intellectual property and marketing materials with confidence. In addition, powerful integrations for Exchange, SharePoint and other on-premise software applications provide companies with the ability to secure documents beyond the corporate network.
Our client facing application empowers users to secure, track and manage their documents by leveraging our connectors. Each connector is unique in its configuration and code. In our Box integration docTrackr can be configured quickly and is available over the cloud, whereas our SharePoint integration is located on-premise. The connector technology employed will depend on the specifics of the desired integration.
Learn more about our Enterprise Integrations.
The Management Platform Offers Flexible Configurations
docTrackr’s flexible management platform enables you control, track and secure documents in the manner that best fits your workflow. Our document management tools are available in three configurations:
An Out Of The Box, Web-Based Management PlatformdocTrackr’s web application is a full featured, cloud based document security application for small businesses and individuals. Our web application offers business level protection, control and tracking capabilities and includes admin controls. Test our features with a free web application trial.
Our Flexible APIThe docTrackr Interactive API gives you access to the document protection and monitoring features you see in our web application and extends them for use in your own application. It strives to be RESTful and is organized around the main resources you are familiar with from the docTrackr web interface.
Custom Rights Management Solutions for Your Authorization SystemOur integration offers ability to plug docTrackr into existing workflows. docTrackr has a number of integration options and organizations that employ Authorization tools like SAML, IdP, and SSO, can easily integrate docTrackr. Further, enterprises have the option to store access information and manage encryption on-premise. Contact us for on-premise options.
Encryption applied to document management
To provide powerful security on the workbooks, presentations and reports you use every day, we partner with Adobe and Microsoft to provide key delivery, authentication and rights for it’s documents. Our technology employs Adobe’s RMS technology and Microsoft Rights Management open protocols. Both protocols are natively embedded within Adobe Acrobat, PDF Reader, and Microsoft Office.
Document encryption: AES 128 to 256 bitsThe cryptographic algorithms used by docTrackr include AES for symmetric encryption of content and RSA for asymmetric encryption of content keys and other credentials. Our security ensures that even if company data were intercepted, it would be impossible to decipher by anyone.
Each document encrypted with a unique keyEvery financial spreadsheet, sales presentation and confidential report is encrypted using a unique key. In the unlikely event that a user comprises a document, there is no way to reuse the key obtained to access any other piece of content protected by docTrackr.
Encryption keys are distributed to each individual user using asymmetric cryptography. When a user attempts to open a protected document he or she will be required to authenticate into the document. Once credentials are validated by the system, the individual will be issued the decryption key over a secured transport channel.
To learn more about our dynamic policy management, encryption and key store management, refer to our Technical White Paper.
On premise encryption options: For companies that prefer to manage the encryption process within their enterprise, we can provide on premise encryption engines. For more information this option, please Contact us.
We’re Hybrid Cloud Capable
docTrackr supports own unique document security capabilities allowing companies to customize our document security solution to fit their unique needs.
To solve our customers increasing security and data privacy demands, we packaged all docTrackr encryption services as an appliance that works in a hybrid cloud. In this configuration, encryption and storage of documents are done in the customer’s datacenter. docTrackr’s cloud is only used for document and policy registration. Authorization services can connect to our platform through an API.
Once extracted by our connector, the different API modules then register the data origin, and associated them to their respective authentication and authorization systems. Encryption happens once the files have been registered and the appropriate keys are stored within the databases.
This approach allows companies with very precise compliance and privacy requirements to get their documents protected in their infrastructure. This hybrid cloud scenario works well for large volumes of data.
Our US Cloud Infrastructure
docTrackr is hosted in servers provided by Amazon Web Services in North America. AWS is a state-of-the-art SAS70 Type II facility that has achieved ISO 27001 certification and has been validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS).
AWS delivers a highly scalable cloud-computing platform with high availability and dependability. AWS’s world-class, highly secure data centers utilize state-of-the art electronic surveillance and multi-factor access control systems.
Data centers are staffed 24×7 by trained security guards, and access is strictly monitored. Environmental systems are designed to minimize the impact of disruptions to operation. Multiple geographic regions and availability zones allow docTrackr to remain resilient in the face of most failure modes, including natural disasters or system failures.
European Data Protection and Privacy
docTrackr provides the option to our European customers to select the location of their application instances and the storage location of files. In Europe, we use dedicated hosting facilities for our storage and applications. Our dynamic policy management and authentication capabilities are mutualized all over the world between EU and US customers in Amazon instances. Documents are never stored, nor are they ever in contact with a US service provider. This type of infrastructure is available to any customer who requests a non-US based infrastructure.
As data protection and privacy policies differ between the United States and the European Union, the US-EU Safe Harbor Framework was created to ensure that US-based companies could certify to the European Union that their organizations provide adequate privacy protection conforming to EU regulations. Our US hosting provider Amazon Web Services adheres to this framework.
Further questions regarding our integration options? Looking to learn more about how docTrackr can secure your system?