Solutions
So, where’s your data right now? With things like promiscuous modems and all of those iPods, it could be anywhere. If you’ve followed all of the guidelines and regulations, your data is encrypted and safe.
Or is it? Your most sensitive data is sitting out there frozen in time, defending itself from every unimaginable type of new technology. With encryption, you’re really betting against technology improvements, and Moore’s Law of contsantly improving computing power makes that a bad bet. There are companies that make a living by cracking files just like yours. Or a person could simply use a do-it-yourself online video and a regular PC.
Other efforts to protect your sensitive data include Data Loss Prevention (DLP). This is based on the assumption that data can be contained and will never leak out. So far, this also has been another bad bet.
At TPD, we believe that your sensitive data cannot be contained because there will always be leaks, mistakes, and rogue employees. And we believe that data will become even more sensitive. Replacing your credit cards after your records are lost is a walk in the park compared to replacing new types of data, like your DNA profile. Finally, we believe that you can make technology your enemy or your friend. We prefer the latter and use things like the power of the Internet to protect your data.
Here’s how this concept worked in World War II: As the Germans approached cities, people knew that they would remove priceless stained glass from cathedrals and ship them back to Germany. So they came up with an ingenious solution: each parishioner was given a piece of glass and told to hide it. This was ingenious because no one person knew where all of the stained glass was hidden. After the war, all of the glass was returned and re-assembled into the precious works of art.
TPD does the same thing to secure your sensitive data. We take it from your files and store it safely in locations distributed over the Web. When you authenticate, we return and re-assemble it into your files. We use the power of the Web to protect your sensitive data. And we add a little of our own magic – all of this is done without Excel having to know that TPD is doing any of this.
So, when someone asks you where your data is, you can say that it’s stored safely in a way that cannot be cracked, stolen, or lost. You can also tell them that TPD enables things that no security product has ever been able to offer:
Industry Questions
What is the latest cost of a data breach?
Is it possible to determine if a recovered device has been accessed?
Are there security risks that relate to IT professionals?
How difficult is it to get rid of sensitive data?
What are the risks of using encryption?
What are the risks to using DLP (Data Loss Prevention)?
General TPD Questions
What are TPD's basic principles?
How is TPD different from encryption?
What makes the TPD Vault secure?
What does a file look like when stolen or accessed without authorization?
How is TPD different from DLP (Data Loss Prevention)?
What additional benefits does TPD enable?
Does TPD keep track of backup and older versions of a file?
What security problems does TPD not solve?
I have not heard of Theft-Proof Data, LLC. Who are they?
TPD Office for Excel
How does TPD Office for Excel work?
What OS and Microsoft Office versions are supported?
What are the limitations of protecting Excel files?
Why is authentication important?
How does TPD authentication work?
What other authentication methods be used?
How does stronger authentication make Theft-Proofed files stronger?
Can I permanently get sensitive data back into my spreadsheet?
Can TPD make outsourcing safer?
The TPD Vault
Can my firm have its own TPD Vault?
How long will TP'd data be stored in the Vault?
Who owns the secure data stored in the TPD Vault?
Permissions
Can permissions be changed after a file has been shared, goes missing, or is stolen?
Can permissions can also be assigned to groups?
Future Enhancements
Is TPD Office being developed for the Mac or for OpenOffice?
Will there be versions for Word, PowerPoint, and Outlook?
According to 2009's Ponemon Institute Annual Cost of a Data Breach study, the average cost of a data breach has risen to $202 per customer record from last year’s $197. Not surprisingly, the average cost of each breach has also risen to $6.65 million. It is estimated that only one in 10 breaches are ever made public.
Here's what you have read:
Unfortunately, none of this is true. The ability to copy a disk without altering it is necessary in order for evidence to hold up in court. If the police change the disk by examining it, then how could the defense independently examine the same body of evidence? Bottom line - it's impossible to determine if a recovered device has been accessed, so assume that it can be.
There is lots of evidence showing that IT professionals are being held responsible for data breaches.
It's much harder than most people think. In fact, the cost of purging data now exceeds the cost of keeping it forever. Regular backups, email and other methods of distributing data make total erasure virtually impossible.
Encryption is an excellent way to protect your sensitive data, but it cannot solve all of your security problems. In fact, there are companies that specialize in recovering encrypted files. The risks were summed up by an executive of a leading encryption company: “Saying it can never be cracked would be a lie – who knows about tomorrow.” Actually, the Chinese have already published reports of how advanced encryption is already being cracked using regular PCs. Emerging technologies will make cracking encryption even easier.
DLP makes the assumption that you can prevent data from leaking out, being stolen, or accidentally lost. In summary, DLP offers protection by creating data classification schemes, placing code on all devices, and identifying links between applications and departments. DLP has difficulty analyzing encrypted files. A common DLP method is creating a ""fingerprint"" for each document being protect, which means that the entire document must be protected.
Theft-Proof Data is a new type of security that takes the benefits of encryption and improves them. TPD is based on three basic principles:
TPD's design goal acknowledge's the first two and leverages the third to make it impossible for someone to steal your sensitive data.
The design goals for TPD and encryption are the same – data will always leak out so sensitive data must protect itself wherever it ends up. Here are the differences:
We want to deliver our solution as quickly as possible to protect the currently most unsecure data, so our first product release is for Microsoft Excel. Massive amounts of data world-wide is stored in Excel worksheets, often in ways that are far from secure. Future releases will be for Word, PowerPoint, and Outlook. TPD Enterprise will Theft-Proof databases like Oracle and companies like the American Heart Association have ""baked"" TPD into their own applications.
TPD Office is distributed as an Excel add-in that transparently removes your sensitive data from a spreadsheet and stores in a remote, secure TPD Vault where it is stored out of context. The result has been called elegant in its simplicity: Your Excel files on their own contain no sensitive data and need the TPD Vault, and the TPD Vault has no meaningful data on its own and needs the add-in to put everything back into context. TPD Office is patent-pending and makes it impossible to steal sensitive Excel data because it's no longer in the spreadsheet. And we make it impossible to steal TPD Vault data because it's meaningless 0's and 1's without the context of the matching Excel spreadsheets.
TPD Vault internals and communications are proprietary, but we can tell you that we use multiple methods to make any extraction of data from the Vault a meaningless exercise unless its original context can be established. Because the TPD Vault supports most standard databases it can utilize all methods of ensuring data integrity and responsiveness, such as mirroring, replication, hot fail-over, etc.
The cell contents are blank (empty).
DLP makes the assumption that you can prevent data from leaking out, being stolen, or accidentally lost. TPD takes the real-world assumption that sensitive data can never be 100% contained and that it must protect itself. TPD effectively stretches your secure perimeter to wherever your data is located.
TPD's design enables these additional benefits:
Yes. Every change is stored separately in the Vault so all file versions, backups, etc maintain synchronization. Note that a future release of TPD will enable the synchronization of all copies of a cell. This powerful DRM feature will permit dynamic changing of any content so that things like email addresses, price lists, newsletter contents, etc. can automatically be kept up-to-date.
TPD protects data that is stored in your computers. Once the data is printed or displayed, it is no longer possible to provide protection. Just as it is not possible to prevent a person from videoing a movie to make their own DVDs, it is not possible to prevent someone from, say, looking over your shoulder to view your sensitive data on a screen or on a printed report. You must continue to be diligent about who has access to your screens and reports.
We're a Dallas-based company that was formed because we got tired of hearing things like “encryption is 100% safe” and ""we live in a world of uncertainty.” We're proud to say that TPD makes it impossible for someone to steal your sensitive data. One of our first clients was The American Heart Association which has a big problem protecting its assets overseas. Its International Director Kevin Turner explains, ""We selected Theft-Proof Data to protect our most sensitive intellectual property in China and India.""
You highlight the cells that you want protected and then you TP them. Behind the scenes TPD Office secures your information in the Vault, then providing it only when and where you instruct, based on the permissions settings you make. If a person does not authenticate properly, the protected cells will be left blank. They can still be cut, copied, and/or pasted but their contents will never been shown without a person authenticating properly.
Windows XP, Vista, and 7. Excel for Office 2003, 2007 and 2010.
TPD has been designed to work in an enterprise environment with the limits defined by Excel, but only cells that contain sensitive data should be protected.
Authentication is really important because it can be the weakest part (if using a weak password) or the strongest part (if using current state-of-the art systems) of the Theft-Proof chain. The easier it is to authenticate, the easier it is to gain access to sensitive data. Note that improving authentication, such as adding biometrics, has the effect of immediately and retroactively strengthening the security of a Theft-Proofed file. This is one of the main differences between TPD and encryption: the latter has a level of protection that is locked at the time a file was protected while TPD protection gets stronger over time.
TPD does not develop authentication systems, there are lots of companies and open source projects that implement them. Instead we ensure that TPD products can work with any desired authentication system.
TPD products are designed with an API to work with any authentication systems
Theft-Proofed files on a client are secure and cannot be cracked because they contain no sensitive data in ANY form. TPD Vault files are Theft-Proofed because everything is stored out of context. If the client files are authenticated and connected to the TPD Vault then sensitive data is accessible, so the strength (or weakness) of TPD is entirely dependant on authentication. Making this stronger retroactively makes TPD-protected files stronger.
Yes. Just un-Theft-Proof the desired TP'd cell(s) and then save your spreadsheet.
Yes, because you never lose control of your sensitive data and you can even remove permissions from the third party after the fact, effectively deleting their copy of the data.
The TPD Vault is a secure server that takes data from TPD Office and stores it securely. TPD does not disclose specific details about how the TPD Vault works.
Yes. We support databases with JDBC level 2 drivers including Oracle 10.x and PostgreSQL. Please contact TPD for more details.
For as long as your system administrator wants, or until you give specific instructions to permanently purge your sensitive data.
You do. TPD is just a very secure storage service. You own and are solely responsible for all of your sensitive data. Of course you may not use TPD for any illegal purposes. TPD is not responsible for any business interruptions that may be caused due to using the service.
The first person to TP a cell is that cell's owner. If no additional permissions are given then he or she is the only person who can access this protected cell. The owner has the right to give Read, Update or Set permission to other people or groups of people.
Yes - this is one of the key breakthroughs of this technology. Revoking permissions removes access, effectively deleting the sensitive data. Adding access can make it appear for someone who didn't have access previously.
Yes. Groups may contain individuals and other groups, so assigning permission to a group enables all members of the group to have Read, Update, and Set access. Permissions are checked at run-time so changes to groups are retroactively applied.
This is planned for a future release. Please contact TPD for more details.
Yes. Please contact TPD for more details.
Yes, this is how the American Heart Association is using TPD. Please contact TPD for more details.
A future release of TPD will enable the synchronization of all copies of a cell. This powerful DRM feature will permit dynamic changing of any content and will permit things like email addresses, price lists, newsletter contents, etc. to always be kept automatically up-to-date.