The Three Stages of Data

The Three Stages of Data; In Transit, At Rest, In Use

What are the three stages of data and what is the difference?

When evaluating the security of a new software for use within your organization, such as an eSignature software, you may have come across terms like ‘Data at Rest’ and ‘Data in Transit’.

These phrases indicate the stage your data is in and are often used when discussing the protection of data. The approach and methods required to protect your data changes depending on the type of information you are looking to protect and what stage it is in. To learn more about securing your data, read this article on Data Security.

Before you learn how to protect your data you must first understand the three different stages of your data because each stage requires a different approach.

They are: Data in Transit, Data at Rest, and Data in Use.

Data in Transit, sometimes referred to as ‘data in motion’, is data that is actively moving from one point, or location, to another. It can be traveling across the internet or through a private network. Data in motion is also data being transferred from a local storage location (hard drive, USB, etc.) to a cloud storage device (Google Drive, OneDrive, Box, etc.).

You create data in transit each time you upload information to a partner organizations site, download the balance of your savings account from your bank online, or save something to a USB flash drive.

Data at Rest is data that is not actively moving from device to device or network to network. This data is usually stored on a hard drive, in the cloud, on a USB, or stored in some other way.

And ‘Data in Use’ is data that is being stored passively in a stable destination, but is being utilized in other parts of the IT architecture. It may be in the process of being created, edited or updated, erased, or accessed through different interface endpoints.

Think of a document you have on our computer that you update, edit, or delete. Any of those actions create the instance of the document and its data being ‘in use’.

There is also one other aspect to data that will be talked about, Data Residency. Data Residency deals with where your data is stored. When we talk about where your data is stored we are not speaking about the kind of device or drive it is on but where is it located in the world.

Data Residency is a key factor in many data laws or regulatory requirements imposed on data that govern a country or region in which it resides. These laws address key requirements in data protection and privacy. When evaluating a software look for their Trust Centre, this is where they will explain how they protect your data and privacy.

Protecting sensitive data is a high priority for any organization. And, as previously mentioned, the approach and methods required to protect your data changes depending on the type of information you are looking to protect and what stage it is in.

Data at rest is often considered to be less vulnerable than data in motion, but hackers and nefarious individuals often prefer data at rest and find it a more valuable target than data in transit.

We will review some of the methods used to protect data in each stage in an upcoming blog.

Educational Institutions Need to Implement eSignatures

Why Educational Institutions Need eSignatures

Educational Institutions Need to Implement eSignatures

In order to keep up with the ever-changing digital world, educational institutions need to implement eSignatures into their operations. Technology has had a tremendous impact on the education sector, and it’s important for schools and colleges to keep up with the latest trends. Electronic signatures are one of the many ways that institutions can modernize their processes.

Here are three reasons why eSignatures are so important for schools:

Efficiency: When administration staff is bogged down with paperwork, it can significantly impact their ability to complete other tasks. eSignatures allow you to sign documents and approvals quickly and easily, without the need for a physical signature.
Security: Documents signed with eSignatures are more secure than those that are not, as they cannot be tampered with or modified.
Compliance: Many government agencies and organizations require electronic signatures for compliance purposes. Using eSignatures can help your school stay compliant with regulations.

Security wise eSignatures a lot more secure than paper. Paper can get lost, stolen, someone can copy it without someone knowing, and it can easily get damaged resulting in the loss of information. The most secure signature is a Digital Signature. You can learn more about the differences between eSignatures and Digital Signature here.

To be compliant you have to follow certain guidelines and practices that your local governments or industry regulators have set up to ensure the security and safety of the documents and their signatures.

For example, some Canadian educational systems cannot have data that is stored off-site on a server that is located outside of Canada. The data also cannot go outside of Canada’s borders while in transit. This means you have to find an eSignature service like Signority.

Signority guarantees your data stays safe and secure in Canada, both in transit and at rest. This means your student’s data will never travel or reside outside of Canada’s borders.

Now, let's look at efficiency.

When I think of paperwork and schools, as a parent, I think of registration forms and permission slips. Let’s use these as our use case.

Each year you have to confirm the number of students who will be returning as well as register any new students. What are some
of the issues you have probably faced when going through this process.

A rush of last-minute parents coming in to register their child(ren) the week before school starts.
Incomplete and missing paperwork with signatures in the wrong place.
Trying to get the signatures of both parents when they are divorced or separated.

With an eSignature platform you can automate the whole process and ensure that all the information is given where it’s required. Now let’s see what the top 6 features that will help you the most.

Automated workflow. With the automated workflow feature set who to send the document package to and in what order. Each recipient receives an email notifying them they have a document. You can even set up auto-reminders that go out if someone takes too long to sign.
Templates. Setting up the school registration forms as templates means you are always ready to go – all you have to do is enter the parent’s name(s) and emails. And if you need to do 2, 20, or 200 at once, use a bulk sign template to send them in less than 5 minutes!
Multi-document package. One document package can consist of the registration form health forms, the list of required supplies, and the waiver. Just upload whatever files you need in the package one at a time or using bulk select. They can even be different file formats.
Automated email reminders. Forget having to pick up the phone or send another email. This feature allows you to determine when and how often the parents or school staff and officials will receive an automatic email reminder if they haven’t signed the document yet. This simple nudge encourages them to do their part while saving you time.
Template Link. Put a registration form on the school website so parents or students can register for an event. You can even put the registration form online for new student registrations.
Masked Tag: A masked tag will take any information entered into it, encrypt it, and conceal it from everyone in the workflow. This feature is especially useful for a student’s personal information like their health card numbers, student numbers, etc.

Having and using these six features in any eSignature platform can save you and your staff time and increase productivity.

BONUS - you help save the planet

There is one more really big benefit to using eSignatures. Sustainability. How much paper and printer/copier ink do you go through each year? I encourage you to check your budget. I’m sure you will find on the paper side, it’s a lot of trees. Remember, “Today is the opportunity to build the tomorrow you want.” ~ Ken Poirot.

Finally, I would like to ask you to consider the other savings you get along with eSignatures being a green technology. You save time and money.

Consider the time it takes to:

chase people for the signed documents,
having someone travel to deliver the document,
and then filing the document or scanning it back into your system.

Adopting eSignatures into your operations saves an average of $20 per document. Think about that. They save you time, money, and the environment. But don’t take our word for it, see for yourself with this article on Financesonline.com.

If you would like to learn more about eSignatures and the features available that may help you Signority’s tutorial page is a great resource.

And to see how well an eSignature Platform would work for you then I encourage you to take advantage of our free no obligation 2-week trial.

Look for my next blog where I write about Working from Home and eSignatures.

Have a great week everyone

Security Features You Need in an eSignature Platform

Your organization has decided to start using eSignatures and you have been tasked with researching the different options available in the marketplace. The first thing you have to do is research the basic security features you need in an eSignature platform. Then you can move on to the obvious, Price, Ease of use, Scalability, Reviews, and Features.

Why? Because you need to ensure all your documents and data is protected. You also have to ensure the signatures can be verified.

In order to ensure the integrity and veracity of the final document and signatures you need to be able to:

Secure the document and signatures
Verify the signer’s identities
Protect any confidential information entered
Track the document and signatories
Restrict access

Here are the basic security features you need in an eSignature platform:

Digital Signatures
Masked Text
Signer Identity Verification
Multi-Factor Authentication (MFA) and Single Sign On (SSO)
Audit Trail
Team Account Roles & Permissions

The first security feature you need is a Digital Signature. Wait… what? I thought eSignatures are Digital Signatures. Aren’t they the same thing?

No, that is a common mistake many people make. And it is one that will determine the security of the document and signatures. Here are the definitions as quoted from the post eSignatures vs Digital Signatures

“An electronic signature is information in electronic form (can be sound, symbol, process, etc.) that is associated or attached to a document. This means that so long as we can demonstrate that the signature is associated with a person and that there was intent to sign, everything is legally binding and accepted (all of this can be seen in Signority’s audit trail).

A digital signature is actually a form of electronic signature that uses an encryption algorithm that helps validate who the signer is. It also ensures that the document cannot be tampered with, as the signature becomes invalid if the document is changed after signing. This helps prevent repudiation by the signer, making it almost impossible to deny having signed the signature. Essentially, these issues are some of the biggest challenges to electronic signatures, and digital signatures are able to help overcome these issues.”

For a much more comprehensive explanation from a cybersecurity perspective read this post about digital signatures on TechTarget.com.

Next is the Masked Tag. This tag allows you to protect your signatory’s personally identifiable information (PII) and other confidential information. If you work in the healthcare field for example, you may ask someone for their insurance information. You want to make sure that no one else sees this information.

Using a masked text tag will allow your signer to securely enter PII into the form where you request it. The masked tag will conceal and encrypt the information entered once the signer has filled it out. This means anyone who receives the document for signing after this signer will only see the title of the tag you entered, i.e.: Health Card.

Because the information is encrypted, the person who needs that information, the document sender, will have to follow very specific steps to retrieve that information securely and confidentially.

To help ensure the integrity of a signature you need a Signer Identity Verification feature. This feature will send a one-time use PIN code to the signer either by email or SMS (text message). They will need to have this code in order to access the document. Once they have used the PIN code to access the document an action will be logged. Using this code verifies the signer received it on an account that can be traced back to them. The log, or audit trail, will document that the signer’s identity has been verified and how it was verified.

And now that you have verified your signers identity, let’s look a little closer to home. You need to secure access to the eSignature platform. You don’t want just anyone having access to your clients, partners, and company’s information. To do this your organization can either set up Single Sign On (SSO) or a Multi-Factor Authentication (MFA) Login. These sign in methods help restrict access and lower instances of phishing and make it much more difficult for hackers.

As stated in this great explanation of SSO by TechTarget.com, “Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials — for example, a name and password — to access multiple applications.” This ensures that unless someone can be verified through your companies main system, they cannot get in. The referenced article does a great job of explaining it.

If your company cannot use SSO then the application you select should, at the very least, offer MFA. As stated at precisely.com, “Multiple factor authentication verifies a user’s identity by combining two or more of the following independent credentials:

Something the user knows (e.g.: password, PIN, passphrase)
Something the user possesses (e.g.: email account, smartphone, code-generating device)
Something inherent to the user (e.g.: fingerprint, iris scan, voice recognition)”

The Audit Trail is the next security feature we will review. The Audit Trail is a document that comes with your final copy of the signed document. It can be a part of the final document or arrive as a separate document. It has three main components: the meta data, the Signers, and the History. The audit trail will show you who did what action (signing the document), the timestamp associated with the action, their IP Address, and if required any notes. A note can include the ID Authentication method and include a partial email address or phone number. An example confirming SMS ID Authentication in an Audit Trail can be seen in the image below.

ID Authentication Audit Trail log

Finally, you need to have the ability to set up team account roles and permissions. The ability to assign roles and permissions helps you keep your documents secure by restricting who has access to what and when. For a clearer understanding of how roles and permissions may be set up you can review the roles available in Signority. You don’t want everyone in your organization being able to view the documents sent by legal or finance, do you?

Here is a bonus feature. The Retention feature. Depending on the industry you work in your organization may be required to have a retention policy. If you are unsure whether you need a retention policy I strongly encourage you to do some research to find out. Interdyn has a great article called Data Retention Policy 101 that reviews what a retention policy is, the questions you need to ask, and how to set one up. I highly recommend you read this if you do not have a policy in place.

A retention feature allows you to apply your retention policy to all the documents that have been signed digitally. And a good one will allow give you ways to automate the whole process. This post gives a good overview of a retention feature and the options available within one. You will see it is easy to set up and helps you ensure compliance.

And those are the basic security features you need in an eSignature platform.

Look out for next weeks edition where I will review the differences between Adobe Signature and Signority eSignatures in the post, “Adobe vs Signority“.

Until then, have a great week and stay safe.

Security Features You Need in an eSignature Platform

Your organization has decided to start using eSignatures and you have been tasked with researching the different options available in the marketplace. The first thing you have to do is research the basic security features you need in an eSignature platform. Then you can move on to the obvious, Price, Ease of use, Scalability, Reviews, and Features.

Why? Because you need to ensure all your documents and data is protected. You also have to ensure the signatures can be verified.

In order to ensure the integrity and veracity of the final document and signatures you need to be able to:

Secure the document and signatures
Verify the signer’s identities
Protect any confidential information entered
Track the document and signatories
Restrict access

Here are the basic security features you need in an eSignature platform:

Digital Signatures
Masked Text
Signer Identity Verification
Multi-Factor Authentication (MFA) and Single Sign On (SSO)
Audit Trail
Team Account Roles & Permissions