Contact Us

DataStealth Use Cases

datex-use-cases

In different industries, organizations, and IT environments, the patented DataStealth technology has proven to be the best, the most powerful, and the most flexible cybersecurity offering available on the market – capable of being deployed quickly, innovatively, and inexpensively to solve numerous cybersecurity use cases.

DataStealth prevents the theft of sensitive PII by automatically eliminating all PII from being stored anywhere in an organization’s IT environment. Stolen PII can be used for so many illicit purposes. Just a few examples include:

  • Stealing an individual’s identity to fraudulently obtain credit, bank loans and mortgages. In some instances, such fraudulent activities have led to permanently ruining an individual’s credit rating and even bankrupting them.
  • Stealing embarrassing information that can be used to blackmail or extort an individual or organization.
  • Stealing an organization’s client list that can be sold to a competitor.
  • Stealing and publishing sensitive documents, financial records, business plans or private Emails of an individual or organization.

“As the guardian of our stakeholders’ Personally Identifiable Information (PII), our organization is responsible for ensuring that this sensitive data remains safe and secure. Hardly a day goes by without seeing an article about a serious breach involving the largescale theft of PII. When we were introduced to DataStealth, they claimed they could protect all of the sensitive PII in our IT environment so that if a breach were to occur, there would be no PII for the intruders to find and steal. We were understandably skeptical. However, significant testing proved DataStealth could protect our sensitive data without business interruption and be speedily deployed.”

Cybersecurity Executive

DataStealth Partner since 2018

DataStealth prevents the theft of PHI from your IT environment by automatically eliminating all PHI from being stored anywhere in an organization’s IT environment.

“Like all healthcare organizations, we were struggling to find a solution to the dilemma imposed by modern privacy regulations and the technical challenges to meet the healthcare requirements of the 21st century. More specifically, how to address seemingly contradictory objectives to work with individual patient data for diagnosis and treatment of individual patients, use pseudonymized patient data required for large scale medical research, have the ability to ingest multiple sources of data including apps and wearable devices, all at the same time as we meet the regulatory requirements to ensure the confidentiality, integrity, authenticity, and availability of patient data. The solution we discovered to meet these complex and seemingly contradictory technical requirements was DataStealth. It sounded too good to be true, so we really did our due diligence. We compared DataStealth to other data security offerings and they came out on top. We checked their references and were blown away by how highly their clients thought of them. Even then, we insisted that Datex prove to us that DataStealth would actually work to protect Personal Health Information (PHI) in our specific computer environment. Their data security experts are really knowledgeable and did all of the heavy lifting for the entire implementation process. DataStealth is the real deal and made believers out of skeptics.”

Director, Information Security

DataStealth Client Since 2020

DataStealth prevents the theft of credit and payment card data from your IT environment by automatically eliminating all such highly sensitive data from being stored in your applications and databases.

"My company transmits millions of customer payment cards through our computer systems. That makes us a target for hackers. DataStealth put an end to the threat of payment card theft once and for all by automatically intercepting data before it ever enters our systems. Now, if a data breach were to ever occur, no credit card data could be stolen because there is no credit card data in our computer systems to steal. I no longer stay up at night worrying. DataStealth is an awesome solution – unlike anything else out there.”

IT Enterprise Architect

DataStealth Client Since 2020

DataStealth can eliminate most of the significant expense and personnel time required to undertake the annual Payment Card Industry – Data Security Standard (PCI-DSS) audit because DataStealth eliminates all credit and payment card data stored in your IT environment.

"The need for my company to pass the annual PCI (Payment Card Industry) compliance audit is necessary in order to continue to be allowed to accept credit card payments. This audit is a complete drag on our precious resources and stifles our ability to focus on our core business. Prior to learning about DataStealth, we spent a ton of time and effort ensuring our software systems and IT environment met the rigorous standards required for PCI compliance. Since our DataStealth implementation, we've managed to reduce that effort by nearly 95% allowing our technology resources to focus on innovating our core products. The best part is we didn't have to go through a lengthy implementation process or modify our existing software systems to take advantage of DataStealth. There are very few times in technology when you're able to find a silver bullet solution to solve a complex problem, but I can honestly say DataStealth is one of them."

Vice President, Global Technology

DataStealth Client Since 2016

DataStealth eliminates the serious security risk of using real production data in non-production environments (such as the development, testing, and quality assurance of new and modified applications). DataStealth achieves this by enabling the creation of safe and useful replacement data that mimics all the attributes of real data, at scale, across the entire IT test environment.

Because most IT departments are unaware of solutions like DataStealth, they feel that they have no choice but to use real production data in non-production environments while testing their new system development. But by doing so, the real production data is at serious risk of being compromised because non-production environments do not have the same level of security or access controls.

It is indeed critical to ensure that any new or modified computer application behaves as expected and can be safely deployed as it is moved into production.

Now with DataStealth, development, testing, and QA teams are provided with data that is de-identified, completely realistic, and safe to use. DataStealth eliminates a huge risk for IT departments and their entire organization.

Compliance with legal, privacy, regulatory, governance and other data security obligations are ever changing, and extremely complex. Just a few examples of such current and proposed legislation include:

  • The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • The European Union General Data Protection Regulation (GDPR)
  • The Data Protection Act (U.K.)
  • The California Consumer Privacy Act
  • The Canadian Personal Information Protection and Electronic Documents Act (PIPEDA)
  • The Province of Quebec’s Bill 64

Legal compliance is getting much more complicated. In a recent highly reported case, a lawyer who served as Chief Security Officer of a major U.S. corporation was criminally charged in the aftermath of a serious data breach. Non-compliance with data privacy legislation is simply not an option for responsible, ethical, and risk-adverse organizations. And DataStealth is making it possible to enable legal compliance.

“Legal compliance with the ever changing, international patchwork of data privacy legislation is exceedingly difficult and complex. The provisions of these data security and privacy legislative acts are burdensome and can result in significant financial and legal penalties in the event of non-compliance. A surprising number of organizations, even large ones, have chosen to put off or ignore their legal obligations because their IT departments and external consultants simply don’t know how to technically achieve legal compliance. This has the potential to expose organizations to even greater negative consequences and damages. The patented DataStealth technology has some incredibly unique attributes that allow organizations to bring themselves into legal compliance with the myriad requirements of data privacy legislation – quickly, easily, and inexpensively. It is an innovative solution that addresses this vital legal obligation.”

Lawyer Specializing in Corporate Risk and Security

Discovered DataStealth in 2019

DataStealth can enable your organization to legally comply with data residency legislation by ensuring that sensitive data does not physically leave your home country as it crosses geographic borders on its way to SaaS applications or cloud repositories located in other countries. DataStealth thus allows organizations to use any non-resident technology they desire without contravening data residency legislation.

“Virtually all organizations are legally and contractually prohibited from sending sensitive data across the border to another country. Some organizations are aware of this – others are not. IT departments struggle to find a solution that would allow their organizations to adhere to their legal obligations, while at the same time, enjoying the benefits provided by software providers and repositories on the Cloud, physically located out of country. DataStealth is the only technology I am aware of that could automatically obfuscate Personally Identifiable Information (PII) before it crosses a country border on its way to a Cloud application or repository such as Salesforce, Microsoft Azure, Amazon, and many others. DataStealth can process millions of transactions without ever legally or physically exposing any sensitive customer information outside of your country.”

Lawyer Specializing in Corporate Risk and Security

Discovered DataStealth in 2019

DataStealth enables organizations to dynamically block unauthorized users from viewing sensitive data at the time of use by applying any number of business rules that will determine who can and cannot view sensitive data.

Just one example of this could involve an organization’s decision to use an external call center for overflow customer call volume. This raises legal and operational risks that these external users, many of which are offshore, would have full visibility into extremely sensitive customer records. Solutions to these problems can be extremely complicated as there are hundreds of factors that need to be taken into consideration when defining, managing, and applying Data Masking rules.

DataStealth’s Dynamic Data Masking capabilities are much more robust and feature-rich than any other data masking solution commercially available. DataStealth makes it easy to prevent unauthorized access to sensitive data dynamically, at the time of use. Real data is masked by alternate characters to block the ability for unauthorized users to view sensitive data without interfering with their ability to accomplish their normal business processes. Data is masked in real time, enabling organizations to specify how much sensitive data to reveal to users, on a user-by-user basis, based on any number of granular attributes such as the user’s role, location, privileges, etc.

DataStealth’s unique ability to quickly and easily accomplish all this without the need for any changes to any internally developed, commercially licensed, or SaaS based applications. DataStealth’s Dynamic Data Masking does not affect our data in storage and has no permanent effect on any of an organization’s data at rest. Most importantly, from a data security perspective, data masking is a one-way transformation that cannot be reversed.

DataStealth enables organizations to easily and accurately identify and classify sensitive data across their entire enterprise, for both data and documents, that reside in databases, file servers, applications, and other data repositories.

“As a large and regulated organization with many decades of customer data, sprawling across hundreds of systems in our many data centers, cybersecurity is one of our highest and most challenging priorities.

One of the challenges for an organization of our size and complexity is understanding what sensitive data resides in our computer network, where it is located, and who has access to it – as a crucial first step in securing our sensitive data.

Data discovery and data classification is the foundation for any successful data security initiative, yet it is also one of the most time-consuming and error-prone aspects of the overall process. Scanning for simple pattern matches often leads to unexpected results in the form of false positives and false negatives. These inaccuracies lead to long manual investigations that are prone to many errors and inaccuracies.

DataStealth allows us to quickly uncover sensitive data in our environment, whether the data is in structured, semi-structured, or unstructured format – in file servers, disparate data repositories, databases, or endpoint devices. By using DataStealth’s sophisticated confidence/validity scoring, false positives are reduced, and accuracy is increased.

DataStealth is an extremely flexible and robust solution that helps us locate and protect sensitive data in a wide variety of systems – from our legacy mainframes to our latest cloud-based apps.

We constantly evaluate a large number of cybersecurity solutions to identify new capabilities. We carefully validate the claims made by vendors to see if they are in fact accurate. Every once in a while, we come across a technology that is totally different than anything else and that delivers exactly what is promised. DataStealth is one of those rare technologies. Their innovative ideas and passion for making things work is truly commendable.”

Director of Cybersecurity Operations

DataStealth Client Since 2020

DataStealth for ABAC is a dynamic, context aware, access control solution that uses specific attributes from many different information systems to determine if user access should be granted.

Controlling user access to all their many systems is a major risk of concern to many organizations. The traditional and static role-based access control definitions require significant resources to support, and never really provided the comfort organizations need to mitigate the risk of unauthorized access to systems and data.

DataStealth’s Attribute Based Access Control is a totally new and superior solution to this challenge. Other solutions required significant development, integration, and expense to deploy, if they could do it at all. With DataStealth, organizations can allow or deny access to data and documents dynamically based on attributes such as AD/UD group membership, geo location, IP address, date/time, and even rate of access. All this can be done quickly, effortlessly, and inexpensively.

Most large organizations still use many older, legacy mainframe systems in their day-to-day operations. Unfortunately, they cannot add modern data security capabilities to those legacy technologies because they are afraid to make code changes to mainframe systems in fear of breaking something and no longer having the staff, who originally wrote the programs, around to fix them.

“Every data security solution we evaluated for our legacy mainframe systems required us to either modify code, install an agent or widget, or integrate with an API, all of which were a non-starter for us. DataStealth claimed to be able to secure the data stored inside our legacy applications by putting DataStealth in front of and behind our environment, applying tokenization and encryption to our data on the way in, and detokenization and decryption to our data on the way out, without touching any of our technology in the middle.

There was a grand total of zero people on our team that believed that this was possible. So, we engaged Datex for a Proof of Concept and challenged them to prove their claims. Our expectation was that this would fail, and that it would fail fast. Incredibly, our expectations were completely incorrect. DataStealth was able to do exactly what they said it could do, exactly in the way they said it would do it. I think there are still a few jaws on the table in our office.”

Cybersecurity Department Director

DataStealth Client Since 2020

Datex is often approached by clients to brainstorm new ways of deploying DataStealth’s powerful cybersecurity capabilities to solve specific new challenges. We are proud of our record of pulling technological “rabbits out of the hat” and welcome the opportunity to discuss new use cases or problems that organizations need to solve – the more challenging, the better.

DataStealth’s highly experienced technologists look at problems from their unique vantage point and present solutions that are best described as ‘outside of the box’.

Recently, one DataStealth client came to us with a data security issue that their corporate risk and compliance department had flagged as being extremely significant. The client told us that they had tried everything in their current IT toolbox to solve the issue but that they had been unsuccessful.

DataStealth’s team of engineers and architects held an internal brainstorming session. Within a few days of that discussion, we presented a solution for using DataStealth to innovatively solve their complex data security problems quickly and inexpensively – in ways that they had not contemplated or even thought possible. The solution proved to be a great success.