Blockchain Verify, which used to be known as ICE (Integrity and Compliance Edition) - supports regulatory compliance for customers in highly-regulated industries, or customers who have strict data audit and storage requirements. Blockchain Verify provides irrefutable evidence of unchanged backups.
With Blockchain Verify, we have enhanced our cloud-based backup and recovery platform for cloud-resident data, to help support companies with their stringent compliance requirements for electronic records storage, retrieval, and management.
The Securities and Exchange Commission's (SEC) sets out five specific requirements for regulated entities that choose to store and retain books and records on electronic storage media. In addition to books and records, the regulated entities must retain copies of all communications related to their business.
The requirements are:
We offer cloud-based archiving solutions that allow customers to implement retention policies for regulated records stored in their Salesforce, ServiceNow, or Microsoft Dynamics instance(s).
Preservation
To ensure that data is preserved properly, our products employ an automated mechanism that compares an algorithmic, computational hash of the data before and after it has been written to storage in order to validate the backup and match it to the source. Furthermore, we store the backup in a compressed form, which has built-in cyclic redundancy checks (CRC) to provide error-detection and integrity verification. Industry standard security protocols of Transport Layer Security (TLS 1.2) are utilized when uploading data, reducing the risk of network-level errors during transmission.
Record Recreation
Using the archived data, our products provide capabilities to find and recover records that have been lost or corrupted in the original SaaS data source. Using our comparative analysis features, the user identifier that last modified a record can be determined in certain situations.
Audit-trail
We also store a detailed audit log of actions that create, modify, and delete archives alongside the acquired data, and presents certain entries in the user interface. The audit trail displayed in the user interface can be exported to a report in CSV format. These features fulfills the requirement that the electronic recordkeeping system have the capacity to readily download and transfer copies of a record and its audit trail (if applicable) in both a human-readable format and in a reasonably usable electronic format.
Verification
To help customers prove the authenticity and reliability of archived data, Recover computes cryptographic hash values of copied data segments to verify their integrity. In addition, an overall SHA256 hash value of combined segment hashes can be computed and stored in a public blockchain using the Blockchain Verify solution, which supports independent integrity verification.
Record Retention
Organizations are required to retain financial records for a set durations of time. While the exact length of time varies by record type, retention periods fall within 2-6 years. This requirement can be fulfilled by using our solutions to build custom retention policies to ensure that regulated data is kept for the proper length of time.
Blockchain Verify leverages blockchain technology to ensure an archive can’t be overwritten, updated, or altered.
Blockchain is a distributed database that keeps continuously growing lists of transaction records without holding actual files and without making copies. Blockchain technology extends well beyond cryptocurrencies (such as Bitcoin), and its decentralized nature is perfect for the prevention of tampering, revision, and malicious editing.
Through Blockchain Verify, the integrity of backup files can be irrefutably and independently confirmed by us, or any third party with authorized access to the blockchain. With the digital signatures of the files stored on the Blockchain, they can be accessed whenever needed to provide irrefutable evidence that the records contained within have not been modified.
Irrefutable Evidence of Unchanged Backups
Using the timestamp and the content of the original backup, Blockchain Verify, uniquely provides irrefutable evidence of backup data integrity. This is achieved by generating verified backup signatures and indexes. This signature is then stored on a public blockchain, which is a decentralized ledger and permanent record facility.
If the backup is subsequently modified, the original backup signature will no longer be producible using the combination of the current backup content and the original timestamp. The ability to produce the same backup signature and easily access non-modified backups is paramount in ensuring you have the evidence needed to support regulatory inquiries pertaining to data integrity.
Blockchain Verify compares an algorithmic, computational hash of the file before and after it has been written to storage in order to validate the backup and match it to the source. Furthermore, we store the backup in a compressed form, which has built-in cyclic redundancy checks (CRC) to provide error detection and integrity verification. Industry-standard security protocols are utilized when uploading data, reducing the risk of network-level errors during transmission.
Once the data has been written, it is then replicated across multiple areas for redundancy. Should an integrity check fail during this replication process, our self-healing capabilities will rewrite the data from the source to ensure all replicated data is exactly the same.
Our infrastructure captures the necessary index and metadata information to address this requirement. We ensure metadata has been created for each backup, including an index, unique ID, backup hash, and a serialized timestamp. Additionally, our solution collects data points about the backup, containing when it started and was completed, warnings, errors, size, records count, and record IDs.
Blockchain Verify provides customers and authorized auditors, with multiple capabilities for downloading and exporting the data.
Our infrastructure creates and replicates encrypted snapshots across two separate storage systems, in multiple zones within the customer's storage region. Wen the ensures the replicated data’s integrity is maintained throughout the data lifecycle across multiple zones.
Blockchain Verify can be enabled from a service's Options page.