Enterprise data security solution

Corporate Data Access and Encryption Solution

Project Background

The client contacted Asapy to resolve a serious business-related issue. He represented a major player on the financial market that was deeply involved in managing securities and financial assets. The key requirement was to create a solution that would provide ultimate security of all business-critical data.

Having implemented custom data security solutions for other clients, Asapy was no stranger this business domain.

Asapy assigned a dedicated business analyst to work with the client. After a few rounds of consultations covering the key features of the future solution, use of encryption algorithms and the overall analysis of the client’s business process, Asapy presented a detailed specification that was used throughout the project.

Asapy allocated a team of 4 developers and the work on the project commenced.

Solution

The solution proposed by Asapy enabled the company to store all the data on the server encrypted with two advanced algorithms. The first algorithm, AES-128, was a standard for this type of solutions utilized by a number of government agencies around the world, while the second was developed by Asapy’s team in order to completely prevent any attempts of unauthorized access.

The system requires a USB dongle for access. One of the client’s specific requirements was to bind USB dongles to the MAC addresses of users’ PC’s to restrict access to personal documents. Senior employees have special dongles that allow access to any workstation.

In order to get access to documents and other data, the user has to plug in a USB dongle and enter an 18-character key. For extra security, the key is changed every 48 hours.

Development process

In the course of the consultations, Asapy and the client outlined the following development goals:

  • Create a secure environment to store business-critical data
  • Minimize risks of unauthorized access
  • Enable two-step validation of the security code

The detailed software requirements specification created by Asapy’s business analysts enabled the development team to work without interruptions. Before the project was handed over to the client, the Asapy QA team carried out functional testing of the solution. After fixing some minor issues unrelated to data security, the project was completed.

In the course of the project, Asapy utilized elements of the Agile methodology. Daily meetings were carried out to make sure that the team is going in the right direction. Asapy also maintained constant communication with the client and provided comprehensive reports on the status of the tasks planned for the next sprint.

Technologies

Asapy proposed Java as the main development technology for is reliability and security.

Result

Efficient communications became the key factor of the project’s success. Regular conference calls and day-to-day interaction with technical contacts on the client’s end enabled Asapy to minimize the workaround time and develop a product that fully met the customer’s requirements and expectation.

The solution delivered to the client enabled them to enforce corporate security and prevent potential data leaks.

After the completion of the project, the client is considering to involve Asapy into several other projects aimed at increasing the efficiency of their business processes.