| WO/2017/058301 | ZERO READ ON TRIMMED BLOCKS IN A NON-VOLATILE MEMORY SYSTEM |
| WO/2011/123699 | SYSTEMS AND METHODS FOR SECURING DATA IN MOTION |
| WO/2013/026086 | VIRTUAL ZEROISATION SYSTEM AND METHOD |
| WO2008065343A1 | 2008-06-05 | |||
| WO2003040869A2 | 2003-05-15 |
| US20150006895A1 | 2015-01-01 |
| CLAIMS 1. ❖ A system that allows tracking and managing sharing processes of data (A) such as internal and/or external files and folder; making these processes more secure and preventing data (A) leakage in these processes; said system comprising of: multiple user equipment (2) such as computers, smart devices and similar that allow sending or receiving data (A) such as files and folders belonging to users (B) who are recipients and/or senders and/or users (B) in groups of multiple recipients via its web interface and/or application and/or Outlook Add-in, characterized in that said system contains: o at least one control module that communicates with user equipment (2) through an internal network or external network such as the Internet, o identifies username and password so that users (B) with user equipment (2) can use the system (1), o enables users (B) logging into the system (1) with their username and password to send data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal), o enables secure transfer of data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal), o enables users (B) to perform authorizations for data (A) in transfers of data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal), o creates authorization maps for the authorization processes, o provides the control of the content of the data (A) sent and received during the transfers of data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) and realizing or blocking transfers based on such control, o enables access of users (B) who log into the system (1) through the web interface and/or application and/or Outlook Add-in to data (A) that they own or add to any public and private network or send via attachment (internal/external) and/or link (internal/external) and/or through direct sharing (internal) or receive from other users (B) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) and delete, o allows users (B) to make a search in order to find data (A) in their accounts, o ensures that notifications of all transactions are forwarded to users (B), o cooperates with internal departments, department managers and managers of the system (1) and ensures that decisions are implemented, o transfers data (A) in an approved and/or unapproved manner between user equipment (2), and o - reports all transactions to users (B) 2. A system (1) according to Claim 1 , characterized in that said system (1) includes user equipment (2) allowing the user (B) to log into the system (1) with his username and password and to share and receive data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal). 3. A system (1) according to Claim 1 or Claim 2, characterized in that said system (1) includes user equipment (2) enabling the user (B) to determine data (A) to be shared and type of sharing of data (A) in the form of view (view only), read (download document), read & write (download + edit), full control (download + edit + view + write) and full control & share (download + edit + view + write + share) during data (A) transfers via direct sharing (internal). 4. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) enabling the user to determine data (A) to be shared and type of sharing for these data (A) such as view, upload or download authorizations separately or multiply during data (A) transfers via a link (internal/external). 5. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) allowing the user (B) to rearrange the authorizations previously made at any time after the transfer of data (A) via direct sharing (internal) and/or link (internal/external). 6. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) allowing the user (B) to determine data (A) to be shared via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) and period for sharing these data (A). 7. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) allowing the user (B) to determine data (A) to be shared via attachment (internal/external) and/or link (internal/external) and to which recipient(s) or groups these data (A) will be sent. 8. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) allowing the user (B) to determine data (A) to be shared via direct sharing (internal) and to which recipient(s) or groups these data (A) will be sent. 9. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3), wherein said control module (3) communicates with the user equipment (2), analyzes the authorizations of data (A) to be transmitted via direct sharing (internal) method, blends the authorizations granted by user equipment (2) with internal mechanisms and creates a new sharing authorization without revoking any other authorization. 10. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) generating a static password, i.e. type of password that the sender manually enters or an instant password, i.e. type of password generated and sent to the recipient at the exact moment that the data (A) are accessed for data (A) transmitted as an attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal). 11. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) adding IP restriction to data (A) transmitted via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal). 12. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) sending data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) to the e-mail address of the recipients, providing a unique transfer of data (A) for each e- mail address added and thus, monitoring by means of the control module (3) accesses by recipients to data (A) on the basis of each recipient. 13. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) generating a static link, sending data (A) via attachment (internal/external) and/or link ensuring that data (A) is shared with the recipient in the form they are sent or a live link allowing data (A) to be shared when the recipient accesses to data (A) and data (A) is immediately reflected to the recipient if the sender makes modifications in the data (A). 14. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes user equipment (2) automatically converting data (A) into a link when data (A) is to be shared in the form of attachment and the size of such data (A) exceeds a particular memory storage space and sending the data (A) converted into a link to the recipient's e-mail address. 15. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) reporting the shared authorizations and presenting these reports to users (B) in the form of graphs to be displayed by the user equipment (2). 16. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) displaying to users (B) via a tree structure all shares made by the senders, changes made by the recipients on these shares and re-shares by the recipients. 17. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) reporting in detail which user (B) has the right to access to data (A) and when and which user (B) has made changes on which data (A). 18. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) enabling users (B) to access to previous versions of data (A). 19. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) tracking data (A) sharing; capturing and reporting the out-of-the-box actions and in such cases, preventing data (A) sharing. 20. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) assigning an admin role to the representative of every department within the organization, analyzing errors in the authorizations of users (B) with the help of the representatives of departments and ensuring that these authorizations are corrected as necessary. 21. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) allowing users (B) who are the recipient and the sender to work jointly on the same data (A) and ensuring that modifications are instantly viewed by the recipient and the sender. 22. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) enabling the recipient to view the shared data (A) without download via the user equipment (2) and, if desired, modify the data (A) within the limits of his authorization. 23. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) enabling the user to select the folder and files in that folder as data (A) using the user equipment (2) and after this selection, allowing the recipient to add or delete files from the folder, apart from the files within the folder, based on the authorizations. 24. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) allowing the same user (B) to use different user equipment (2) and thus, enabling the user (B) to send data (A) into the user equipment (2) he uses at work within the limits of his authorization through the user equipment (2) he uses when he is not at work; edit the data (A) in the user equipment (2) used at work or delete the data (A) in the user equipment (2) used at work. 25. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) using the DMZ layer installed by the IT department when data (A) are to be sent from internal network to external network and managing which users (B) can pass the DMZ (Demilitarized Zone) layer and share the data (A) with the outside. 26. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) scanning all data (A) in the system (1), analyzing the structure of the data (A) with the support of machine learning, capturing and quarantining data (A) and blocking data (A) sharing with potentially malicious software. 27. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) scanning all data (A) for malware. 28. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) filtering data (A) that enter into the system (1) or exit from the system (1) through DLP (Data Loss Protection) ruleset and capturing and quarantining said data (A) and blocking data (A) sharing if data (A) are against its rule structure. 29. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) regulating which operations (such as view, modification, etc.) users (B) can perform on data (A) within the limits of their authorization and the environment (private network folder, public network folder) of user equipment (2) in which these operations can be performed. 30. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) presenting the data (A) sharing between the users (B) to the approval of the authorized person in the module and thus, enabling the authorized person to deny the sharing process between the users (B) and block it. 31. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) notifies the authorized person in the module of the quarantined data (A) and ensures that the data (A) are shared or deleted as per the decision of this person. 32. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) adjusting the speed of data transfer (upload/download speed) for specific time intervals, operations or users (B). 33. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) enabling users (B) to make root word- based searches among their data (A) using their user equipment (2) and thus, accessing data (A) with the specified root word and all words with prefixes and suffixes. 34. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) providing information to the sender on all processes such as view, modification, download of data (A), IP address used for access to data and the time. 35. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) allowing the senders to block access to data (A) or change the authorization of the recipients at any time after the transfers of data (A). 36. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) allowing the senders to place a watermark on data (A) they send, wherein the watermark includes information such as the sender, the time of data (A) transmission, the recipient and IP address, whereby only the recipients with the authorization to read can take photographs of data (A) and thus, the recipients are prevented from sharing data (A) illegally. 37. A system (1) according to any one of the preceding claims, characterized in that it includes the control module (3) enabling the deactivation of the print feature for data (A) sent by the senders and thus, preventing the receivers from printing the relevant data (A) illegally. 38. A system (1) according to any one of the preceding claims, characterized in that said system (1) includes a control module (3) sending a confirmation to the user equipment (2) of the recipient if the sender adjusts confirmation requirement before the transmission of data (A) using the user equipment (2) and granting access to data (A) to the user equipment (2) of the recipient if this confirmation is accepted and ensuring that the user equipment (2) of the recipient has direct access to data (A) if the sender does not adjust confirmation requirement prior to the transmission of data (A). |
Technical Field
The present invention relates to a system that allows tracking and managing sharing processes of data such as internal and/or external files and folders and making these processes more secure and preventing data leakage in these processes.
Background Art
In current systems, sharing data such as internal files and/or folders is realized over public network folders. Only an organization's IT department can regulate and manage the individuals who are authorized to handle such data. The people who share data cannot directly view who has the right to access the data they share. Thus, for example, when any staff member is transferred to another department, unauthorized or erroneous access attempts cannot be tracked. This will put your data security at risk.
In current data sharing processes, systems can be easily exploited by modifying the extensions of the shared data. By changing the extension of malicious data, these data can be shown as harmless and these data are allowed to pass through the security layers. This causes serious damage to systems. In existing systems, the extension of data is controlled only through Mime Type (Multipurpose Internet Mail Extensions Type) or directly through the extension name. Such controls cannot prevent systems against exploitation.
Today, data can also be shared on the link. Today, configurations where such traffic is tracked, and data security is monitored are not available.
The Patent Application No. TR2009/09917 describes user equipment that is compatible with informatics and multimedia devices, a control device used for informatics and multimedia purposes, wherein such device allows to operate the user equipment and files kept on remote memory, and a system equipped with a host machine with the capability of locating and remote memory; said remote memory enabling file creation with digital content. Said system enables secure communication between information and multimedia devices and secure data sharing between these devices. The data- sharing processes in the relevant system include differences from the present invention. In addition, the security mechanisms used in the relevant system are highly insufficient compared to the present invention.
As a result, further development is needed in the technical field due to the above- mentioned drawbacks and the inadequacy of the existing solutions.
Object of Invention
The present invention is inspired by the present situation and an object of this invention is to overcome the above-mentioned drawbacks.
An object of the present invention is to ensure that the sharing processes of data such as internal and/or external files and folders are tracked and managed, to secure these processes and to prevent data leakage in these processes.
The structural features and characteristics and all advantages of the present invention will now be described in more detail with reference to the accompanying figures and the following specification.
Brief Description of Figures
Figure 1 is a schematic representation of the system according to the invention. Reference List
1. System
2. User equipment (UE)
3. Control module
A. Data
B. User
Detailed Description of the Invention
In this detailed description, the preferred embodiments of the system (1) are described to provide a better understanding of the invention. The present invention relates to a system (1) allowing tracking and managing sharing processes of data (A) such as internal and/or external files and folders, making these processes more secure and preventing data (A) leakage in these processes.
The system shown in Figure 1 comprises of (1):
❖ multiple user equipment such as computers, smart devices and similar that allow sending or receiving data (A) such as files and folders belonging to users (B) who are recipients and/or senders and/or users (B) in groups of multiple recipients via its web interface and/or application and/or Outlook Add-in (2),
o at least one control module that communicates with user equipment (2) through an internal network or external network such as the Internet, o identifies username and password so that users (B) with user equipment (2) can use the system (1), o enables users (B) logging into the system (1) with their username and password to send data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal), o enables secure transfer of data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal), o enables users (B) to perform authorizations for data (A) in transfers of data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal), o creates authorization maps for the authorization processes, o provides the control of the content of the data (A) sent and received during the transfers of data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) and realizing or blocking transfers based on such control, o enables access of users (B) who log into the system (1) through the web interface and/or application and/or Outlook Add-in to data (A) that they own or add to any public and private network or send via attachment (internal/external) and/or link (internal/external) and/or through direct sharing (internal) or receive from other users (B) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) and delete, o allows users (B) to make a search in order to find data (A) in their accounts, o ensures that notifications of all transactions are forwarded to users
(B), o cooperates with internal departments, department managers and managers of the system (1) and ensures that decisions are implemented, o transfers data (A) in an approved and/or unapproved manner between user equipment (2), and o reports all transactions to users (B)
The user (B) logs into the system (1) with his username and password using the user equipment (2). The user (B) logging into the system (1) can share and receive data (A) via attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal).
In the following sections of this description, the user (B) who sends data (A) will be referred to as the sender and the user (B) who receives data (A) will be referred to as the recipient and multiple users (B) will be referred to as the group. Group users (B) preferably consist of internal staff. Senders and recipients are internal and/or external users (B). The user (B) uses user equipment (2) and determines data (A) to be shared and the type of sharing of data (A) in transfers of data (A) via direct sharing (internal). Type of share may be in the form of view (view only), read (download document), read & write (download + edit), full control (download + edit + view + write), full control & share (download + edit + view + write + share). The full control & share authority is a special authority. The recipient with full control & share authority can share files/folders using the user equipment (2).
The user (B) uses user equipment (2) and determines data (A) to be shared and the type of sharing of data (A) in transfers of data (A) via a link (internal/external). Type of sharing may be in the form of viewing, uploading, and downloading. The user (B) can select these authorizations individually or in multiple using the user equipment (2).
The user (B) can reorganize authorizations by using the user equipment (2) at any time after the transfer of data (A) through direct sharing (internal) and/or link (internal/external).
After the user (B) determines the data (A) to be shared in the form of link (internal/external) and/or attachment (internal/external) and/or direct sharing (internal) using the user equipment (2), he will determine the period for sharing such data (A). For example, when sharing is performed within the scope of a project and according to any particular deadline, the recipients will no longer access to these files at the end of the project. Data (A) security is thus protected. In addition, some documents must be kept for a certain period of time in HR and accounting processes or shared with other departments. In such cases, when the period for sharing is adjusted at the beginning, legal risks will also be prevented. This feature is also very functional for submissions with limited time such as proposals. When data (A) shared within the scope of a project is created to be valid only during the project, unauthorized access can be prevented when the project is completed. If the date allowing access to data (A) is prior to the specified date, the control module (3) allows user equipment (2) to access data (A).
After the user (B) determines the data (A) to be shared via attachment (internal/external) and/or link (internal/external) using the user equipment (2), he will determine which recipient(s) will receive these data (A). After the user (B) determines data (A) to be shared by direct sharing (internal) using the user equipment (2), he will determine which recipient(s) or groups will receive such data (A).
The control module (3) communicates with the user equipment (2) and analyzes the authorization for data (A) to be transmitted by the direct sharing (internal) method. The control module (3) blends the authorizations granted by the user equipment (2) with the authorizations granted in their internal mechanisms and creates new sharing authorization that will not revoke any other authorization. For example, if the user equipment (2) defines the sharing authority of the recipient as full control & share, and the sharing authority of the same recipient is restricted to reading in the internal mechanisms, the control module (3) regulates the authority of the recipient to reading.
The user equipment (2) can set a static or instant password to data (A) it sends as an attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal). A static password is the type of password that the sender manually enters. An instant password is a password mechanism in which the password is generated and sent to the recipient at the exact moment that the data (A) are accessed.
User equipment (2) can add IP restrictions to data (A) it transmits as attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal). Thus, data (A) transmitted can only be accessed via the user equipment (2) which has one of the specified IPs. The user equipment (2) can also create an approved or unapproved IP list (also the country block) and incorporate it to data (A) it transmits.
The user equipment (2) can send the data (A) it creates as an attachment (internal/external) and/or link (internal/external) and/or direct sharing (internal) to the e- mail addresses of the recipients. The user equipment (2) provides a unique transfer of data (A) to each e-mail address added. Thus, the control module (3) can monitor accesses by recipients to data (A) on the basis of each recipient.
The user equipment (2) can create and send static or live links. A static link ensures that data (A) are shared with the recipient in the form they are sent. A live link allows data (A) to be shared when the recipient accesses to the data (A). In the live link, if the sender makes modifications in the data (A), such data (A) will be immediately reflected to the recipient. Namely, modifications made by the sender can be observed by the recipient instantly.
When the user equipment (2) wants to share data (A) in the form of attachment and if the size of such data (A) exceeds a particular memory storage space, the user equipment (2) automatically converts these data (A) into a link. Data (A) that are converted into a link are sent via the user equipment (2) to the recipient's e-mail address.
The control module (3) reports the shared authorizations and presents these reports to the users (B) in the form of graphs to be displayed by the user equipment (2). The control module (3) displays to the users (B) via a tree structure all shares made by the senders, changes made by the recipients on these shares, and re-shares by the recipients. These processes allow reporting in detail which user (B) has the right to access to data (A) and when and which user (B) has made changes on which data (A). Thus, users (B) can access previous versions of data (A) whenever they need them. In addition, which users (B) are involved in the transfer of data (A) is easily analyzed and represented by the tree structure, and if necessary, authorizations granted to improper users (B) can be easily observed. In this case, authorizations can be revoked or changed when necessary.
The control module (3) tracks data (A) sharing, captures, and reports the out-of-the-box actions and in such cases, prevents data (A) sharing. For example, if massive data (A) are shared between two users (B) for the first time or unexpected external file-sharing traffic occurs with a different user (B) or any similar situation is encountered, the control module (3) handles this as risky data (A) sharing. The control module (3) blocks such data (A) sharing and provides security by blocking the risky data (A) sharing.
The control module (3) can assign an admin role to the representative of every department within the organization. With the help of the representatives of departments, the control module (3) analyzes errors in the authorizations of users (B) and ensures that these authorizations are corrected as necessary. For example, if any user (B) working in department A is transferred to the department B, the control module (3) will determine whether this user (B) who has been transferred to the department B can still access to files related to the department A. In such a case, the control module (3), in consultation with the representative of the relevant department, makes a new authorization arrangement for the user (B) and thus, improves security.
The control module (3) allows users (B) who are the recipient and the sender to work jointly on the same data (A). Thus, for example, when the recipient is reading the data (A), the sender can simultaneously make modifications to the data (A). The control module (3) ensures that such modifications are instantly viewed by the recipient and the sender.
The control module (3) enables the recipient to view the shared data (A) without download via the user equipment (2) and, if desired, modify the data (A) within the limits of his authorization.
The sender can select the folder and files in that folder as data (A) using the user equipment (2). After this selection, the control module (3) can allow the recipient to add or delete files from the folder, apart from the files within the folder, based on the authorizations.
The control module (3) can allow the same user (B) to use different user equipment (2). Thus, the user (B) can send data (A) into the user equipment (2) he uses at work within the limits of his authorization through the user equipment (2) he uses when he is not at work, edit the data (A) in the user equipment (2) used at work or delete the data (A) in the user equipment (2) used at work. Namely, the user (B) can perform all processes while he is not at work.
Shared data (A) are often not externally accessible for security reasons. When data (A) are to be sent from the internal network to an external network, the control module (3) can use the DMZ layer installed by the IT department. The control module (3) manages which users (B) can pass the DMZ (Demilitarized Zone) layer and share the data (A) with the outside.
The control module (3) scans all data (A) in the system (1) and analyzes the structure of the data (A) with the support of machine learning. Even if the extension of data (A) is changed, the control module (3) captures and quarantines data (A) and blocks data (A) sharing with potentially malicious software. If the control module (3) detects any malicious code snippet with at least 25% probability while analyzing the data (A), it captures and quarantines data (A) and blocks data (A) sharing.
The control module (3) scans all data (A) for malware. If data (A) contain malicious content, the control module (3) captures and quarantines said data (A) and blocks data (A) sharing.
The control module (3) filters data (A) that enters into the system (1) or exit from the system (1) through DLP (Data Loss Protection) ruleset. If the control module (3) detects data (A) that is against its rule structure, it captures, quarantines the data (A), and blocks data (A) sharing. The control module (3) can detect, for example, four numbers, each with four digits and space between them, in the data (A). Thus, sharing of any possible credit card number can be prevented. Or the control module (3) can identify identification numbers in the data (A). Thus, the sharing of this confidential identity number is blocked.
The control module (3) can regulate which operations users (B) can perform on data (A) within the limits of their authorization and the environment of user equipment (2) in which these operations can be performed. For example, users (B) can read data (A) in private network folders, while these users (B) can be prevented from reading relevant data in the public network folder. Or for example, users can change folders (B) in a public network environment but only read them in the private network folder.
The control module (3) can present the data (A) sharing between the users (B) to the approval of the authorized person in the module. Thus, the authorized person can deny the sharing process between the users (B) and block it.
The control module (3) notifies the authorized person in the module of the quarantined data (A) and ensures that the data (A) are shared or deleted as per the decision of this person.
The control module (3) can adjust the speed of data transfer (upload/download speed) for specific time intervals, operations, or users (B). Thus, for example, during the operation hours of the system (1), the upload and download speeds are reduced to hinder any slowdown of devices connected to the internal network. The control module (3) enables users (B) to make root word-based searches among their data (A) using their user equipment (2). Users (B) can thus access data (A) with the specified root word and all words with prefixes and suffixes. For example, if any user (B) makes a search in the form of 'my addresses', he will access data (A) with all words containing address as the root word such as an address, its address, my address, and addresses, etc.
The control module (3) provides the sender with information on all operations such as data (A) accessed, read, modified, or downloaded by the recipients or IP address used and the time of such operations, etc.
The control module (3) enables the senders to block any access to data (A) or change the privileges of the recipients at any time after the transfers of data (A).
The control module (3) allows senders to put a watermark on data (A) they send. The relevant watermark contains information such as the sender, the time of data (A) transmission, the recipient, and IP address. Thus, only recipients who are authorized to read are prevented from photographing data (A) and sharing such data (A) illegally. If the recipients share these data (A), the sender to whom such data (A) actually belong can be conveniently determined by the watermark.
The control module (3) can enable the print feature to be deactivated for data (A) sent by the senders. Thus, recipients are prevented from printing the relevant data (A) illegally.
If the sender adjusts confirmation requirement before the transmission of data (A) using the user equipment (2), the control module (3) will first send a confirmation to the user equipment (2) of the recipient. If this confirmation is accepted, the control module (3) grants access to data (A) to the user equipment (2) of the recipient. If the sender does not adjust confirmation requirements prior to the transmission of data (A) using the user equipment (2), the control module (3) ensures that the user equipment (2) of the recipient has direct access to data (A).
The system (1) of the present invention enables safer, faster, and easier management of media without carrying the existing file media used today. The system (1) collects all the file media that the users (B) access on a single screen and provides easy file access to the users (B).