Pushes are a secure way to transmit sensitive data, such as text, files, or URLs to end users. This feature allows you to send confidential information to users without compromising their security or exposing sensitive data in logs, email, or chat.

Pushes are often used for employee on-boarding, sending new account credentials, transmitting secure files and more.

Why are Pushes Needed?

Traditional methods of transmitting sensitive data, such as email or chat, can pose significant security risks. Logs, email, and chat platforms are vulnerable to unauthorized access, and sensitive information can exist forever and be exposed to unauthorized parties. Pushes provide an additional layer of security by encrypting and securely transmitting sensitive data to end users.

Pushes automatically expire and self-delete.

Benefits of Pushes

  1. Enhanced Security: pushes ensure that sensitive data is transmitted securely, reducing the risk of unauthorized access or exposure.
  2. Observable Lifecycle: pushes include an comprehensive Audit Log that tracks the entire lifecycle of a push from creation to expiration and deletion. Audit Logs are available indefinitely and also show failed access and unauthorized access attempts.
  3. Automatic Deletion: Pushes automatically expire and self-delete after a preset duration of number of views. Transmitted information is irretrievable after push expiration.
  4. Compliance: pushes help organizations comply with regulatory requirements, such as GDPR, HIPAA, and PCI-DSS, by minimizing the risk of sensitive data exposure.
  5. Improved User Experience: pushes provide a seamless and secure way to transmit sensitive data, reducing the need for users to share sensitive information through insecure channels.
  6. Reduced Risk of Data Breaches: By encrypting and securely transmitting sensitive data, pushes reduce the risk of data breaches and minimize the impact of a potential breach.

Automatic Expiration and Deletion

Pushes are designed to automatically expire after a duration or number of views, ensuring that sensitive data is not retained for longer than necessary. Once a push has expired, the payload is deleted entirely, leaving no trace of the sensitive data.

Comprehensive Life Cycle Tracking

The entire lifecycle of creation, access, retrieval, and deletion is tracked and logged providing a clear audit trail of all activities related to the push. This includes:

  • Timestamps of creation, successful & failed access, expiration and deletion
  • IP addresses, browser signatures and device information of users accessing the push
  • Details of the push, including the type of data transmitted, expiration & deletion status
  • Confirmation of deletion, ensuring that sensitive data is completely removed from the system

What do End Users See?

When an end user access the secret URL to a push, they will see a simple, unbranded delivery page that provides only the contents of the push. This page is designed to lower user confusion and provide a seamless experience for the end user.

Push with Text

Push with Files

Expired Push

Best Practices for Using Pushes

  1. Use Shorter Expiration Windows: The less time that sensitive information access is possible, reduces the risk of exposure. Limiting the duration and number of views that push provides increased security.
  2. Use Compartmentalization: Do not send passwords along with usernames or where they go to. Instead, use separate channels for transmitting passwords and other sensitive information.
  3. Monitor Push Access & Expiration: Make sure your users retrieve the information sent to them and that the push is expired appropriately and as quickly as possible.
  4. Use Passphrase Lockdown: Use the passphrase lockdown feature to require users to enter a preshared secret to access the contents of the push. This adds an additional layer of security and ensures that only authorized users can access the sensitive data. Both failed and successful passphrase attempts are tracked in the Push Audit Log.

Summary

Pushes provide a secure and efficient way to transmit sensitive data to end users. By encrypting and securely transmitting sensitive data, pushes reduce the risk of unauthorized access or exposure, improve user experience, and help organizations comply with regulatory requirements.

Updated: