We need a solution that will allow us to temporarily share secure information with our remote sites

zito2000
zito2000 used Ask the Experts™
on
We need a solution that will allow us to send information (credit card #s, confidential memos...etc) to and from our remote offices, while having the ability to determine when that info gets automatically deleted on the remote end.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
IT Services Analyst
Commented:
There really is no way to guarantee something like that. Once you send the info out, the recipient could make copies, print files, etc. You can lock down machines to prevent stuff like that, but that's assuming you have control over the computers in the remote office and how much you want to lock them down.

At the very least, you may want to look at encryption options like in Acrobat where you can at least protect date inside of files. There's tons of ways to protect info, but keeping track of who deletes what is going to be tougher without setting up some kind of contained system.
David FavorFractional CTO
Distinguished Expert 2018
Commented:
1) We need a solution that will allow us to send information (credit card #s, confidential memos...etc) to and from our remote offices...

This instantly breaks all PCI compliance as you instantly break the air gap rule.

So if you're really planning on doing something like this, likely best not to mention it publicly.

2) while having the ability to determine when that info gets automatically deleted on the remote end.

This is easy. You'll do this with code you write when pulling your data from original site to remote site.

Easy to do. Whether or not you should do this... See item #1...

3) Also be aware, when you start randomly sharing personal data + credit card info, now you've entered the potential of breaking laws, depending on exact jurisdiction of your starting server, your remote server, along with nationality of every person who's data you share.

Tip: You best run this all by your legal department before proceeding.
zito2000Network Manager

Author

Commented:
So let me elaborate a little (thank you for the responses at this point).  Maybe my further details will change your responses, or maybe it won't.

I have UserA that needs to give UserB sensitive information (possibly just name/address, intercompany data, etc.).  Not necessarily credit cards, but information that should be viewed once and then gone from history.
We want them to transmit the data using something other than a phone call and we want that data to be destroyed after the recipient reads it.  Almost like a Snapchat deletion feature.  
Does that change either of your answers/suggestions?  

Thank you again for your time.
William FulksIT Services Analyst

Commented:
Do you have control over UserB's computer?

If not, then there's no way you can totally control what they do with the data you send them.
zito2000Network Manager

Author

Commented:
Theoretically, we would be able to have control over user B's computer, but it would not be feasable to lock down a specific computer just for the sake of making sure User B does not make copies of a specific file, or copy.

Are there any software solutions out there that may achieve what we are looking for? Perhaps, something like dropbox, or a chat program that can perform this task?
William FulksIT Services Analyst

Commented:
You could set up a group policy to disable flash drives on that PC, and that would be helpful. You could also look at blocking email on it.

As for any kind of file service, I know there are some things out there but I have not personally used them and can't recommend something specific.  At the very least, you could look at file encryption which would at least make the file harder to open if it fell into the wrong hands. Basic password protection on files can be a deterrent.

The problem is access to data. Once they access that data, it's out in the open. A cell phone with a camera will bypass anything you might put in place if they can get data on their screen. You can establish internal policies and tell employees not to copy data, but trying to guarantee it with software is just about impossible. I mean, some people can even memorize a credit card number. It's only a few digits longer than a phone number.

Think of it this way - you can't show somebody something then force them to forget it. What has been seen cannot be unseen.
zito2000Network Manager

Author

Commented:
Thank you both for the information. It seems that there is no real way to accomplish what I'm looking for.
I do appreciate the input and your time.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial