Digital security and authentication are both rapidly developing fields and offer developers many options to secure their applications and networks. However, with abundant approaches available, it can be difficult for newcomers and veterans alike to sift through all the options.
At SharePass, we’ve spent much effort developing dedicated solutions for confidential data sharing. Consequently, digital security, integrity, and accessibility are at the heart of who we are. In this article, we’ll walk through
The Security Funnel
The first thing to remember is that not all data is created equal. With SharePass, businesses and individuals can sort their data into tailored segments based on the degree of sensitivity and privacy required. Once earmarked, the data is automatically converted into an encrypted link guarded by a customizable series of privacy and access controls. Clicking the link decrypts the data, but only once 8 checks are successfully verified.
Step 1: Validity
When a user clicks on an encrypted link (to decrypt it), first, SharePass’s algorithm determines whether the ID is valid. An invalid ID, which SharePass has not issued, may result from an innocent mistake or a malicious actor attempting a brute force attack.
Step 2: Existence
Even if an ID is valid, it still may not exist in the SharePass database. That situation can happen because the user deleted the data, their account has been deactivated, or the link has expired. However, if the ID is valid and existent, the user passes to the next stage.
Step 3: Visibility
Visibility is the first user-controlled step of the funnel. SharePass users are given the option to limit data access to pre-approved IP addresses. If an IP is not on the list, it’ll immediately be filtered out.
Step 4: Availability
Even users with approved IP addresses can face several vertical and horizontal limitations. For example, the link can be set to only become active during a limited time window (a horizontal control) or can be set to expire after being clicked a certain number of times (a vertical control).
The Visibility and Availability checks work in tandem to provide users with maximum filtering capabilities. Data is made accessible on a need-to-know basis and is otherwise blocked by default. The availability and visibility stages conform with Zero-Trust principles and help mitigate most social engineering attacks and dark web threats.
Step 5: Accessibility
If the data owner wishes to lock all access to a particular data set, the SharePass portal allows users to do so at any time. Once locked, anyone who has made it this far down the funnel stops short.
Step 6: Authorization
Final user-controlled stopgate. Authorization checks for any preset PINs, MFA codes, or YubiKeys. In addition, SharePass is developing a new security protocol called
Step 7: Decryption
If all the above safeguards check out, the encrypted data is retrieved from the database and sent to the requester’s web client for decryption. It is essential to only decrypt the data on the local device while maintaining a fully encrypted database.
Step 8: Plain Text
At this point, the secret is communicated back to the data owner and logged by the portal.
With all the available security decisions, the target is not always to shoot for maximum coverage but instead adopt flexibility and durability. While it’s impossible to cover every use case in advance, a genuinely proactive security funnel provides users with a robust set of tools so that they retain control over their data at every step of the way.
Don’t risk it, SharePass it!
To learn more about SharePass or sign up for a free trial, visit