Skip to main content

An inside look at how Genetec manages evidence

Our support team begins using Genetec Clearance to investigate all customer queries

When organizations need to provide access to digital files and documents to their business partners, they often turn to file sharing and hosting services. Given that most networks, servers, and programs are easy to learn and operate, users are able to upload, download, and view files based on their own requirements. But, without the proper security measures in place, file sharing can pose serious risks to companies that negligently distribute or store their login credentials.

Our own experience with sharing files

Here at Genetec, we have a dedicated support team that our customers can contact to investigate, analyze, and troubleshoot any technical issues with our products. With about 125 support staff members worldwide, our team is constantly sharing information with clients to ensure we execute all investigations securely and with integrity. Over the span of just a few months, we typically share more than two terabytes worth of system files throughout the investigation process.

Recently, all support team members received access to our own digital evidence management system (DEMS) to inspect customer-related issues. Genetec Clearance™ helps users manage their storage and digital evidence from cameras and other devices. It’s a simple, secure and flexible way to help accelerate investigations by facilitating collaboration.

Not only will this transition ensure that client information remains secure, Genetec Clearance is also compliant with the General Data Protection Regulation (GDPR) and allows many more opportunities for flexibility. Here is the story of why we decided to use our own DEMS to store all client investigations.

The limitations of previous file-sharing services

For many legacy file sharing systems, file size limits were always a concern. As data storage requirements for companies grew exponentially over a short period, few services were able to adapt to an increasingly data-driven marketplace.

File Transfer Protocol (FTP) sites sought to rectify this problem. By using a server to transmit files between organizations, this method of file sharing allowed users to create folders and upload data without having to worry about storage limits. For years, we used secure FTP sites to pass information between customers and our support team.

While FTP sites are user-friendly and require minimal integration, they still lack certain functionalities that we value. For instance, even though files stored on an FTP site are secure, the data is vulnerable if an unauthorized third party gains access to its login credentials. In other words, anyone who has a client’s username and password, which are often in plain text form and sent via email, could possibly violate any information on an FTP site.

There are additional security issues that come along with FTP sites. Although servers have specific retention policies, they require manual intervention and have no intelligence behind them. Once a period for a policy is set, the site permanently deletes files that do not fall within that interval. This feature can cause strife for organizations that need to keep data from various periods.

Furthermore, FTP sites do not have audit trails that detail when a user views, uploads, or downloads a file. If ever a breach occurs, there is little information to detect who caused the violation. Links to FTP sites do not expire either, further exposing companies that do not manage or update their servers regularly.

All of these concerns led us to work towards a more secure solution for our clients.

Making the move away from FTP sites

Although there were no incidences of a breach at Genetec, the time had come to push for more protection. The decision to pursue this goal came about after the European Union implemented GDPR in May 2018, which aims to give individuals more control over their personal data and simplify the regulatory environment for international business.

“We started looking at potential risks that we have in our day-to-day tasks and how we can secure the customer’s data,” says Hiba Elshobary, Technical Lead at Genetec. “How could we do our part, be proactive, and not come face-to-face with a situation where someone’s data got leaked?”

Discussions and brainstorming sessions took place, and conversations eventually turned to the support team. Some felt the team’s procedures could benefit from a review because of all the data they send back-and-forth between customers. They saw Genetec Clearance as a comprehensive solution.

“The functionality in the back-end is there, it’s secure, and it’s GDPR-compliant,” Hiba says. “So, it was a perfect match. Genetec Clearance has everything we need that the FTP site delivered, plus additional reliability, security, auditing, and permissions access.”

Today, support team members no longer use the FTP method of file sharing. Rather, every employee accesses the solution to address specific customer needs. By giving all support staff a key to the digital evidence management system, clients know that they can contact our team whenever an issue arises and someone will be there to help them with their queries.

But just how does Genetec Clearance differ from an FTP site? What benefits the DEMS provide and how does it enhance the support process? As you will read, the advantages to this in-house system are many, varied, and immediately noticeable.

Genetec Clearance: A collaborative solution

Unlike FTP sites, support team members administer all investigations in the digital evidence management system. If a customer requires access to a case, our team will create a Genetec Clearance website that is specific to their issue and invite them to join via email. In addition, there is no single username and password to access the site. All first-time users create their unique passwords prior to logging into a case. This step adds an extra layer of protection to the investigation.

Moreover, our employees manage user rights within the Genetec Clearance website. Whether a customer requires read, download or upload access, they must contact our support team to set up an account with their specific permissions. This also applies to any additional profiles a client wants to add to an ongoing case file. Admin access only lies at Genetec for the safety and security of our customers.

Every piece of evidence and action made within the solution is also tracked and logged. Whereas FTP sites do not have audit trails that list a user’s actions, our employees can identify when someone accesses a file and what they did while on the site. This auditing feature ensures that client information is secure and encrypted. No longer are clients required to guess who did what within an investigation — our support team has that information on-hand at all times.

Retention policies in Genetec Clearance can be automated based on specific client requirements, which makes data storage and destruction far simpler than an FTP site. Each unique investigation has a default retention policy that our support team sets up at its start. The site then gives customers the authority to configure the policy so it abides by their specific preferences. Once we close an investigation, the retention policy kicks in and deletes the data. That way, if a case goes beyond the original retention policy, customers do not lose the data that they are still using.

Finally, and most importantly for some of our clients, Genetec Clearance makes file sharing simple and secure. We anticipate that by using this solution, customers will realize that a DEMS can benefit different segments of their operations. Case sites encourage collaboration among users and help them to manage digital files efficiently and effectively.

“Seeing how intuitive it is and how easy it is for customers to share files — not just with the support team — I think it’ll open up doors,” Hiba says.

Do you think your organization could benefit from Genetec Clearance? Learn more about our digital evidence management system.