Securing Highly-Sensitive Files between Various Entities
An Administration establishes, transfers and controls information about Personal Assets of politicians and VIPs
Challenges
An Administration manages, in conjunction with its local entities (in the provinces), highly-personal data files of politician and VIPs, such as their assets declarations. Out of respect of the privacy of these persons, and in light of the highly-sensitive character of the persons concerned, the files must be kept highly secure, and must only be able to be opened by duly-accredited agents.
Requirements
Considering the volume (several thousands of people concerned and a corresponding number of files) and the geographical distribution (several dozen agents), the solution needs to be simple to implement, user-friendly, and requiring little training, while guaranteeing the high level of security required.
Since this concerns data of a political and national nature, this level of security must be high and subject to the various requisite State approvals (certifications, qualifications). To guarantee that only an accredited agent can access the content, with no possibility of a sudden or sustained attack, the solution must enable the use of an authentication mechanism (crypto-processor pass) for agents.
The solution must not be solely linked to the transmission or transfer of files: it must even be independent of this, so as to enable the widest possible use of various media (email, collaborative sharing, physical devices), and it would be desirable for the files to be «containerised» so as also to be able to guarantee secure long-term storage.
Solution
The client used the ZED! solution from PRIM’X :
- with the ZED-API kit for automating the centralised production of encrypted containers and the processing of content;
- with the aid of PRIM’X itself and the project integrator for supporting the microprocessor card (integration with private PKCS#11 middleware);
- with the ZED! Enterprise software for large local entities and the companion ZED! FREE for the others (enabling the solution to be imposed on third parties at the least cost).
Experience
This is a good example of the securing of standard and repeated exchanges in a large, devolved and decentralised organisation (including in terms of management), with a simple but strict usage process.
Benefits
ZED! software has been designed for the archiving or exchanging of multiplefile containers as simply as possible.
Its companion products (ZED! FREE and ZED! PRO) are available on a number of platforms, cost-effective and easy to comprehend, while offering security-level compliance and even providing compatibility with sophisticated mechanisms such as smartcards (or cryptographic tokens).
Companion applications are also available for iOS and Android.
ZED! is a product certified CC EAL3+, Qualified by the French ANSSI, and allowed for EU Restricted and NATO Restricted.
