Story image

Using blockchain to ensure regulatory compliance

12 Dec 2018

Macro 4 has released a new version of its Columbus DW enterprise content management software that helps organisations to strengthen data protection and regulatory compliance. 

A new document redaction feature restricts access to sensitive personal information by automatically obscuring selected words or images on documents held in the Columbus DW system.

To support compliance with regulations governing document processing, Columbus DW integrates with the blockchain to provide an additional trusted record of events such as how, when and by whom documents have been accessed, updated or deleted.

Macro 4 director Jim Allum says, “Data privacy regulations such as the GDPR require you to put better safeguards in place to protect customer data, and to prove you’ve done it. Columbus DW 8.4 is designed to help you do exactly that.”

Also new in Columbus DW 8.4 comes support for cloud object storage. This feature enables organisations to reduce costs and increase storage flexibility by moving documents and other unstructured data into the cloud.

These enhancements will be followed in early 2019 by the introduction of a new Columbus mobile app that allows business users to work with documents securely on a smartphone or tablet.

Document redaction provides added protection for sensitive information

Columbus DW 8.4 enables organisations to prevent viewing of sensitive text or images using a variety of redaction methods which include the replacement of selected content with random characters, ‘X’s, black boxes, or blank space. The document itself can still be accessed for operational business use.

Redacted views can be applied to all users or to certain job roles or individuals.

“You can limit access to sensitive data to just those staff who actually need to view it as a legitimate part of their job, in line with the GDPR principle of data minimisation,” said Allum. 

“Does a call centre agent or accounts administrator really need to see information such as a person’s payment history or financial status when viewing bills or contracts, for example? If not then it’s best practice to redact it.”

A related capability is data anonymisation. This is a process by which ‘live’ production data can be altered to create anonymous document samples for application testing. All original text can be replaced with random, but similar, characters to produce realistic documents for thorough testing, without exposing any real business data.

Blockchain integration delivers trusted audit facility

Columbus DW 8.4 integrates with the Hyperledger blockchain framework to provide an additional auditing mechanism for legal and regulatory compliance, as Allum explained:

Allum continues, “One of the core requirements of a legal archive is the ability to capture all the events happening around the documents you’re holding and to validate those events with the same level of integrity and security as the document itself.

“For example, if customers exercise their ‘right to be forgotten’ under the GDPR you need a reliable record of the fact that you’ve deleted their data. Columbus DW gives you absolute proof that what should happen has actually happened by recording it on the blockchain.”

Columbus DW 8.3 introduced the capability to record document-related events using the same tamper-evident hashing mechanism as the blockchain, with the option to trigger business processes or email notifications when events occur. 

Columbus DW 8.4 builds on this functionality by enabling the same record to be committed to the blockchain to independently verify that the information has not been tampered with.

Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nozomi and RIoT to deliver advanced ICS security solutions to Australia
''As a specialised integrator of robust and resilient ICT and IoT solutions within Australia, we are delighted to be partnering with Nozomi Networks."
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
SIS announces a partnership with Platform 4
“We are looking forward to a strong future in the New Zealand security industry with this global giant as our strategic partner."
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.