|
Write-once Read Many Solutions (WORM) |
|
These devices work very well avoiding that the information that has been written in them is not altered after its addition. Nevertheless, these hardware-based solutions do not guarantee that the information being written is the one it should be. Since they treat files as objects and they need to hash them before adding them in the system, continuously appending files such as logs must be "closed" (i.e. finished) before being processed. Since normally these types of files can take a day from the moment they are created until the moment they are closed and ready to be added to WORM devices, this leaves a 24-hour period for performing any alteration and tampering them. These types of devices are also usually hardware-specific, which normally comes with a very high price tag, where scalability is directly affected by this factor. These factors make this type of solution cost inefficient and very difficult to scale. In contrast, the Secure Audit vault captures data as it is produced, creating in real-time a granular "digital fingerprint" of the data which can be verified in any later analysis. Furthermore, instead of using hardware, it is a software-based solution. Being hardware-agnostic means a dramatic reduction in costs associated with their implementation. This agnostic view is applied not only when dealing with the hardware where Secure Audit Vault must be working with, but also with the platform it must be applied and with the type of data processed. On the other hand, by being a data-centric solution, the Secure Audit Vault enables data portability. The "integrity seal" applied to each record stays with the record, regardless where the information is kept. If the files are stored in the tool’s database, the integrity part remains there; on the contrary, if a file export is performed, the resulting file is signed and the integrity "moves" with the exported data.
|
