Meeting TISAX Standards with PKWARE, Part 3: Mobile Storage

Automotive suppliers must meet TISAX data security standards in order to do business with any major German automobile company. PKWARE helps companies simplify TISAX compliance by providing a wide range of capabilities to address multiple requirements. In our TISAX blog series, we're examining the requirements auto industry suppliers and service providers must meet, and how PKWARE is helping organizations meet those requirements.

Today's topic: sensitive data saved on mobile storage devices.

The use of mobile storage devices, such as USB thumb drives, poses a significant risk to data exposure, as we saw in 2018's Heathrow Airport breach. So, it’s not surprising that automotive companies are concerned about the use of mobile storage devices by their suppliers and service providers.

To meet TISAX standards (specifically section 8.3), automotive companies must define the measures they take to make sure sensitive information on mobile storage devices doesn’t fall into the wrong hands—especially if a device is lost or stolen.

While mobile storage devices themselves need to have native security measures activated, that protection only goes so far. PKWARE can augment mobile storage security by protecting files with persistent strong encryption. Persistent encryption remains with files even when transferred between devices or other media, keeping the files inaccessible to unauthorized users.

Why persistence matters

PKWARE’s Data Security Platform can automatically apply persistent strong encryption to files based on classification labels or other parameters (defined by policies). As part of the automated security workflow, the security policies are applied to the files before they ever hit the mobile storage device.

How is this different from other encryption solutions? Many other solutions only encrypt “data at rest”—which means that as long as the files are in a “secure location,” they’re protected. But copy the file onto a mobile storage device (or copy it to Dropbox, or an Azure instance, or anywhere but that secure location), and the file loses its protection.

In this scenario, your employees might be walking around with dozens of unprotected files in their pocket.

Passing your assessment—and staying compliant

PKWARE also allows your organization to combine data discovery scanning and encryption in a single workflow, so whenever an employee creates a file that has sensitive data in it (as defined by your policies), persistent strong encryption can be applied automatically—and immediately. Your security workflows can be set up in many different ways, but this automated data security workflow is unique to PKWARE.

With PKWARE’s automatic policy enforcement and persistent strong encryption, you can be confident that any systems with sensitive data you have will meet TISAX standards for data protection—even when files get copied onto mobile storage devices.