Build with the Virtru Developer Hub

It's Your Data. Protect It. Control It. Everywhere.

Try the Demo          Learn More     

Use Cases

In order to deliver against our data privacy mission—all data protected, anywhere—we built our SDKs to simply and flexibly support a wide range of use cases. Below are five specific examples of how Virtru SDKs are being used today to protect data across environments, applications, and devices.

Scroll down or jump directly to your preferred use case:

Secure and Share Files in Multi-Cloud Platforms

Organizations depend on an increasing number of cloud platforms for daily business functions. Ensuring the security and privacy of the data is an incredibly complex challenge across applications and cloud environments. Security and IT professionals are left juggling the growing business requirements to share data across various cloud-based platforms, while maintaining compliance and security controls across these platforms. Given the increase in external applications, implementing provable security and privacy as data travels internally and externally may seem impossible.

With Virtru’s Data Protection Platform, customized and automated workflows can track data on a per object and per user basis as they are written to the cloud. With TDF for data encryption, individuals can easily create customizable access controls to help revoke data, restrict future sharing, and establish an audit trail. Unlike many proprietary solutions, these protections travel across platforms and vendors to help avoid vendor lock-in or implementing different solutions per platform. By integrating with existing tech stacks, it also can help save resources and decrease errors and unauthorized use. Thanks to the audit functionality, developers and security professionals can also track who has accessed data and when to provide verifiable security and privacy.

Data remains protected across platforms and vendors, while maintaining controlled access. Regardless of where the file is stored, opening the file would require authenticating to the TDF's Key Access Server (KAS) in order to retrieve decryption keys. Any unauthorized users in possession of a file will not be able to open the file because they cannot access the decryption key. These protections persist internally and externally to corporate firewalls for auditable, revocable control that can evolve as business requirements change.

Relevant core capabilities include:

  • Consistent policy enforcement across cloud environments.
  • Granular access controls.
  • Audit trail to assess data access.
  • Persistent data protection that binds to the data wherever it goes.

Secure IoT Data

IoT introduces significant management and oversight challenges as organizations seek to manage an exponentially growing number of devices and a growing amount of data coming from those devices. Organizations that rely on these IoT sensors and other data collection devices are increasingly aware of this broadening of the attack surface and the introduction of new vulnerabilities which leads to a demand to protect IoT data. In fact, there is increasing concern that IoT devices hold onto and store data indefinitely, creating urgency in the need to ensure the security and privacy of the data. Whether preparing to secure today’s sensor collection and transfer, future-proofing against imminent IoT data regulations, or deterring financial or reputational damage over insecure IoT software, securing IoT data is a growing enterprise priority.

IoT devices introduce new technical challenges to protect against unauthorized data access, with sensors producing multiples files per second or streaming data between locations. This data must uphold privacy standards across the entire lifecycle of the data, from collection to transmission to analysis even when the device itself may be insecure. TDF protections can be implemented as soon as the data is generated and travel with the data throughout transmission and dissemination without causing any latency issues. The ABAC-based access controls enable customized access features, including revocation and expiration. Given the potential for IoT devices to be lost or stolen, these access controls coupled with audit features that track object-level events, ensure the integrity of sensitive data, and protect it from abuse and compromise.

Relevant core capabilities include:

  • ABAC-controls manage access policies and evolve them due to changing requirements or lost or compromised devices.
  • Track data events at the object-level through audit controls.
  • Low latency encryption does not slow down the workflow or data streams.

Secure File Transfer

The $1.5B file transfer market is dominated by antiquated, expensive, and hard to use tools that view security as an afterthought. To overcome the complexity and ineffectiveness of existing solutions, customized solutions are often created for internal and external file sharing. These customized systems are established to monitor and facilitate the transfer of large file transfers, such as establishing an application to automatically transfer files whenever they are placed in a specified folder.

With embedded persistent control built upon TDF, Virtru easily helps organizations overcome the complexity and vulnerabilities associated with transferring large files and gigabytes of data. Flexible key management services can be embedded in customized applications, with granular access controls at the object-level for positive control of the data. Audit logs identify when the data has been accessed, by whom, and from which devices. Developers and data owners gain greater visibility over their data, wherever it is disseminated, to ensure the integrity of the data that is received and for persistent monitoring of the data. This includes on-premises infrastructure as well as large file transfers in multi-cloud environments.

Relevant core capabilities include:

  • Audit logs for enhanced visibility of data.
  • Flexible key management services that integrate easily into customized applications.
  • TDF wraps data, automatically providing persistent controls that travel with the data.

Persistent Data Control for Privacy and Compliance

Companies are still struggling to comply with last year’s General Data Protection Regulation (GDPR) and are not prepared for upcoming regulations such as the California Consumer Privacy Act (CCPA), which comes into effect in January 2020 with significant penalties. In one survey taken at the one-year anniversary of the GDPR, almost 80% of global businesses admitted to failing to comply or struggling with staying on top of the latest compliance regulations. Another survey found that the majority of organizations are not ready for CCPA compliance. On average, most organizations spend between four and nine months to achieve compliance. Manual, error-prone approaches to compliance, such as faxing and secure FTP, remain one of the biggest obstacles.

In particular, organizations need to prove appropriate security safeguards are in place through audit logs of the data access, so that compliance teams can validate security safeguards in case a compromise occurs. This is increasingly a top priority as record-breaking fines continue to emerge following data breaches. While key management solutions are essential, for more comprehensive compliance there must be a way to encrypt data within a browser and ensure it remains encrypted, while verifying only authorized users can easily view the data. Similarly, organizations often require that customers retain ownership of the data once it is in their application, including who can access the data and evolve those privileges over time. Below are two scenarios to demonstrate how the Virtru Data Protection Platform expedites compliance. Each scenario demonstrates how data management is facilitated, with data owners controlling who can access the data and when, including preventing third-party access to the data, such as throughout a supply chain or preventing data access by app developers.

Proving Security Safeguards are in Place

Proving reasonable and appropriate security measures for data is a part of GDPR and other privacy legislation. If a breach does occur, an audit log helps validate that the security safeguards are in place and provides incident response teams with insights on who accessed the data, from where and when. With Virtru, you can easily encrypt and tag data with protections that travel with the data regardless of platform or data type. You can also use the dashboard to analyze and audit where the data goes and how it is exchanged. This could be especially relevant in defending against data theft as the data remains protected in data breach scenarios such as cloud misconfiguration or malicious exfiltration. With insider threats also a prominent concern, these access privileges also can be updated to evolve over time, including revoking data access to prevent authorized access.

Relevant core capabilities include:

  • Audit features to track data access.
  • Full life cycle data protection from authentication to encryption, decryption, revocation and key rotation.
  • TDF wraps data, automatically providing persistent controls that travel with the data.
  • The data owner can track the lifecycle of the data through audit controls and demonstrate proven protection.

Streamlining Right of Access Requests

Right of Access Requests pose very different compliance challenges. These requests for individual data access are on the rise following the GDPR, and will only increase as similar legislation is enacted elsewhere. Roughly half of all organizations manually respond to Right of Access requests, which can be time-consuming and difficult for many companies, but will continue to increase following the GDPR and subsequent regulation. With the Virtru Data Protection Platform, these can be automated while reducing error, and can be facilitated even at scale. By leveraging the privacy controls, access can be automated and tracked over time, including as access requests emerge.

Relevant core capabilities include:

  • Tagged data facilitates accessing data based on specified privileges in the Right of Access request.
  • Data is securely sent with customized access controls.
  • Access controls persist across platforms.

Secure Internal Files

Internal data often gets aggregated into reports or goes through automated pipelines to expedite business workflows. Automation for business processes can be a force multiplier, but data security is often an afterthought when building automated software applications. Point solutions to secure these automated functions and the data passing through them have incomplete security coverage, generally do not scale, and are increasingly difficult to manage. In fact, managing the point solutions can be intractable and can actually introduce additional risk for meeting timelines and insufficient security coverage. An additional layer of data protection is needed to support compliance, establish access privileges and block third-party access to the data since the automation occurs within cloud environments. The additional data layer cannot hinder current workflows, or else we’ll regress back to the point solutions that we have become accustomed to over time.

With Virtru, you can easily embed encryption into your applications and automated workflows, ensuring automated tasks and scripts are protected as is the data flowing through them. Customizable access privileges ensure files remain protected, while preventing compromises at the hands of attackers or cloud-service providers. Because protection is embedded into the application, the removal of multiple point solutions creates business efficiencies, while maintaining familiar at rest internal data protection and workflows to prevent business interruptions. Handling sensitive data is no longer an additional risk or burden because of the audit capabilities to track the data, as well as the administrative dashboard that helps manage and update policies and reporting.

Relevant core capabilities include:

  • Full life cycle data protection from authentication to encryption, decryption, revocation and key rotation.
  • TDF wraps data, automatically providing persistent controls that travels with the data.
  • The data owner can track the lifecycle of the data through audit controls and demonstrate proven protection.

Use Cases

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.