Data security for businesses has never been more critical. Any breach of data can result in financial and reputational harm. Whether your data is within your network or shared with third parties, its safety and protection are paramount. If you’re considering moving to an outsourcing model for transactional print and mail, secure processing of your data must be a priority when evaluating providers.
What should you look for in terms of data security? Overall, you want a partner committed to compliance and the protection of PII (personally identifiable information) and PHI (protected health information).
Explore how we deliver this assurance in the billions of packages we produce every year.
Transfer of Data from Customer to Provider
The first phase of securely processing your data is the transfer from your network to your provider’s. There are several ways a file transfer can occur, and they aren’t equal in terms of being secure. Some print and mail companies may have a simple upload feature or use file hosting services like Dropbox.
These ways to transfer data are convenient but have security risks. The type of information you’re sharing has valuable data that cybercriminals would find attractive.
You can still easily pass files to your print and mail company in a more secure way with SFTP (Secure File Transfer Protocol). SFTP is a network protocol that enables safe and encrypted file transfers. It incorporates SSH (Secure Shell) for authentication and data encryption.
In our workflow, clients transmit data through an SFTP connection, and a proxy process moves those files to the appropriate server within our secure Zone 1 network.
Next is the processing of data to create print-ready files.
Processing Your Data Securely with SECURE IT
Once the data is within a secure server, processing must occur to get the job into production. Protecting this information continues to be a high priority to ensure compliance. We use a proprietary file processing hub, SECURE IT.
Within the SECURE IT environment, confidential data gains protection throughout its lifecycle, including processing, composition, output, archival, and deletion.
SECURE IT’s configuration meets or exceeds compliance with SOC 1, SOC 2, HIPAA, HITRUST, FISMA, and PCI-DSS regulations.
How Does SECURE IT Enable Secure Processing of Your Data?
SECURE IT is much more than a standard file-processing application. In addition to using SFTP, the system applies PGP (Pretty Good Privacy) to encrypt files before processing them. The encryption protocols protect data while in transit and rest.
Beyond standard encryption, SECURE IT also uses:
- Full disk encryption, a hypervisor-level backup
- Network segmentation to divide the main network into smaller ones to compartmentalize and apply security controls to each
- Multi-factor authentication, which requires any users logging into the system to use TLS VPN (Transport Layer Security Virtual Private Network) and then authenticate in at least two ways
- Email and network appliances to manage, monitor, and secure information workflows to and from the internet
- Multiple network appliances and systems for the prevention of unauthorized distribution of sensitive data
The Steps for Secure Processing of Your Data
Data security is a priority for all our operations. Since we only produce transactional print and mail, everything we receive and process has the same protocols. Our two facilities also have the same standards.
The typical workflow of processing data securely includes these steps:
- You upload files to the SFTP, which can be print-ready PDFs or files that need composition.
- An email confirmation acknowledges receipt of the information with details of name, file size, and date included.
- You would receive an exception email notice if the system finds any missing files.
- Files route for immediate processing through SECURE IT.
- The system generates PDF proofs of the letters for client review and approval.
- Printing of jobs in a secure virtual and physical environment occurs.
- Intelligent insertion equipment seamlessly folds the correct documents into the proper envelope.
- Based on business rules, data files may be archived or destroyed.
All the PDF documents for review are available in trakPCI, a secure, web-based document management system. You’ll have 24/7 access to this portal for review of PDF proofs, along with many other features, including reporting, tracking, and requests for letter changes.
The layers of security and prioritization of compliance allow us to take a complex process and streamline it. We also proactively focus on cybersecurity with advanced firewalls, IPS (Intrusion Prevention Systems), pen testing, and vulnerability scans.
There’s nothing more important than data security in the transactional print and mail world. Learn more about how we protect your data.
