Protecting sensitive information
Safeguard your sensitive data with automatic and transparent encryption services. Blackthorn GRC Z-Crypto uses advanced encryption technology to keep confidential information related to governance, risk and compliance (GRC) management activities beyond the reach of unauthorised personnel – ensuring it remains confidential and giving you peace of mind.
Automatic encryption
Role-based access control within the Blackthorn GRC solution and security functionality offered by Microsoft SQL both provide protection against unauthorised access. However, there is still a risk that personnel with privileged access to the server systems may attempt to view the information.
To prevent this, Blackthorn GRC Z-Crypto encrypts data stored within the Blackthorn GRC database, so that it can only be viewed by authorised personnel. Information is enciphered and deciphered automatically and transparently, so that authorised users are not disrupted or slowed down.
World-class standards
Data is encrypted according to the following specifications:
- Algorithm – AES 256-bit (RijndaelManaged)
- Crypto Engine – Microsoft crypto functions System.Security.dll (2048-bit key and 1024-bit vector)
Key management and backups
Encryption keys can be set and archived by the user.
All database backups remain fully encrypted.
Protection for valuable data
Blackthorn GRC can contain some of the most valuable – and sensitive – information your organisation possesses. So, it makes sense to keep it secure. Data stored in the solution may refer to:
- Personal details such as disciplinary, medical or criminal records
- National or corporate security investigations
- Regulatory breaches
- Sensitive reviews and screening
- Information that could be prejudicial to the reputation of your organisation
