Blockchain Verify

    Blockchain Verify, which used to be known as ICE (Integrity and Compliance Edition) - supports regulatory compliance for customers in highly-regulated industries, or customers who have strict data audit and storage requirements. Blockchain Verify provides irrefutable evidence of unchanged backups.

    With Blockchain Verify, we have enhanced our cloud-based backup and recovery platform for cloud-resident data, to help support companies with their stringent compliance requirements for electronic records storage, retrieval, and management.

    The Securities and Exchange Commission's (SEC) sets out five specific requirements for regulated entities that choose to store and retain books and records on electronic storage media. In addition to books and records, the regulated entities must retain copies of all communications related to their business.

    The requirements are:

    1. Records may be preserved consistent with the WORM Requirement, or the use of an electronic recordkeeping system that maintains and preserves electronic records in a manner that permits the recreation of an original record if it is modified or deleted. Specifically, the electronic recordkeeping system must maintain a complete time-stamped audit trail that includes:
      1. All modifications to and deletions of a record or any part thereof.
      2. The date and time of operator entries and actions that create, modify, or delete the record.
      3. The individual(s) creating, modifying, or deleting the record.
      4. Any other information needed to maintain an audit trail of each distinct record in a way that maintains security, signatures, and data to ensure the authenticity and reliability of the record and will permit re-creation of the original record and interim iterations of the record.
    2. Automatically verify the quality and accuracy of the storage media recording process.
    3. Serialize the original, and if applicable, duplicate units of storage media, and time-date the data for the required period of retention.
    4. Have the capacity to readily download indexes and records.
    5. Store separate, duplicate copies of all retained data. 

    Our Approach to Compliance

    We offer cloud-based archiving solutions that allow customers to implement retention policies for regulated records stored in their Salesforce, ServiceNow, or Microsoft Dynamics instance(s). 

    Preservation

    To ensure that data is preserved properly, our products employ an automated mechanism that compares an algorithmic, computational hash of the data before and after it has been written to storage in order to validate the backup and match it to the source. Furthermore, we store the backup in a compressed form, which has built-in cyclic redundancy checks (CRC) to provide error-detection and integrity verification. Industry standard security protocols of Transport Layer Security (TLS 1.2) are utilized when uploading data, reducing the risk of network-level errors during transmission.

    Record Recreation

    Using the archived data, our products provide capabilities to find and recover records that have been lost or corrupted in the original SaaS data source. Using our comparative analysis features, the user identifier that last modified a record can be determined in certain situations.

    Audit-trail

    We also store a detailed audit log of actions that create, modify, and delete archives alongside the acquired data, and presents certain entries in the user interface. The audit trail displayed in the user interface can be exported to a report in CSV format. These features fulfills the requirement that the electronic recordkeeping system have the capacity to readily download and transfer copies of a record and its audit trail (if applicable) in both a human-readable format and in a reasonably usable electronic format.

    Verification

    To help customers prove the authenticity and reliability of archived data, Recover computes cryptographic hash values of copied data segments to verify their integrity. In addition, an overall SHA256 hash value of combined segment hashes can be computed and stored in a public blockchain using the Blockchain Verify solution, which supports independent integrity verification. 

    Record Retention

    Organizations are required to retain financial records for a set durations of time. While the exact length of time varies by record type, retention periods fall within 2-6 years. This requirement can be fulfilled by using our solutions to build custom retention policies to ensure that regulated data is kept for the proper length of time.

    Why Blockchain?

    Blockchain Verify leverages blockchain technology to ensure an archive can’t be overwritten, updated, or altered.

    Blockchain is a distributed database that keeps continuously growing lists of transaction records without holding actual files and without making copies. Blockchain technology extends well beyond cryptocurrencies (such as Bitcoin), and its decentralized nature is perfect for the prevention of tampering, revision, and malicious editing.

    Through Blockchain Verify, the integrity of backup files can be irrefutably and independently confirmed by us, or any third party with authorized access to the blockchain. With the digital signatures of the files stored on the Blockchain, they can be accessed whenever needed to provide irrefutable evidence that the records contained within have not been modified.

    Irrefutable Evidence of Unchanged Backups

    Using the timestamp and the content of the original backup, Blockchain Verify, uniquely provides irrefutable evidence of backup data integrity. This is achieved by generating verified backup signatures and indexes. This signature is then stored on a public blockchain, which is a decentralized ledger and permanent record facility.

    If the backup is subsequently modified, the original backup signature will no longer be producible using the combination of the current backup content and the original timestamp. The ability to produce the same backup signature and easily access non-modified backups is paramount in ensuring you have the evidence needed to support regulatory inquiries pertaining to data integrity.

    Accurate Recording Process

    Blockchain Verify compares an algorithmic, computational hash of the file before and after it has been written to storage in order to validate the backup and match it to the source. Furthermore, we store the backup in a compressed form, which has built-in cyclic redundancy checks (CRC) to provide error detection and integrity verification. Industry-standard security protocols are utilized when uploading data, reducing the risk of network-level errors during transmission.

    Once the data has been written, it is then replicated across multiple areas for redundancy. Should an integrity check fail during this replication process, our self-healing capabilities will rewrite the data from the source to ensure all replicated data is exactly the same.

    Serialize and Time-Date for the Required Retention Period

    Our infrastructure captures the necessary index and metadata information to address this requirement. We ensure metadata has been created for each backup, including an index, unique ID, backup hash, and a serialized timestamp. Additionally, our solution collects data points about the backup, containing when it started and was completed, warnings, errors, size, records count, and record IDs.

    Capacity to Download Indexes and Records

    Blockchain Verify provides customers and authorized auditors, with multiple capabilities for downloading and exporting the data.

    • Download/Export full indexes of all backups over specific periods of time.
    • Download/Export specific files and metadata from within a backup into CSV or industry-standard MySQL format.
    • Download/Export indexes, time stamps, and associated hashes to validate that the data’s integrity has been maintained throughout the data lifecycle.

    Duplicate Copy of the Records Stored Separately

    Our infrastructure creates and replicates encrypted snapshots across two separate storage systems, in multiple zones within the customer's storage region. Wen the ensures the replicated data’s integrity is maintained throughout the data lifecycle across multiple zones.

    Activating a Blockchain Verify Service

    Blockchain Verify can be enabled from a service's Options page.

    NOTE: This article is not legal advice. Persons and entities considering how to comply with rules and regulations, including those discussed above, should consult with their qualified legal advisors.

     

    « Previous ArticleNext Article »