SHARING

Technological Area:

The invention relates to a data isolation method and system that enables documents in the enterprise data warehouse to be viewed and edited without downloading and shared in a controlled manner, preventing the document from being printed and copied and leaked from the enterprise data warehouse.

State of the Art: Nowadays, studies and methods are applied in almost every sector to protect the data and documents owned by the enterprises. Since documents and the data in documents are in electronic media in almost every sector, there is always the risk of leaking. In order to prevent these leaks, although the states have implemented certain laws, illegal acts can be performed maliciously or unintentionally. In this regard, enterprises use various systems, software and methods to protect themselves. The invention subject to the description relates to an isolation method and system that prevents downloading, sharing and printing of the data in the documents and documents owned by the enterprises, allowing preview and editing without downloading.

In the state of art, huge data warehouses of the enterprises are used. In these data warehouses, nearly infinite number of documents that are vital for enterprises and the customers they represent are stored. Documents received from this data warehouse can be downloaded, copied and printed by employees. The invention subject to the description reveals an isolation method that prevents the employees in the enterprise and/or persons or institutions (customers, business partners etc) from leaking documents in a way that does not interfere with their work.

In the literature search, patent document numbered TR2015/16751 and named "Security system for digital data systems" was encountered. In the document, a device for the safe transfer of digital data and the operating algorithms of the device are given, and no isolation method is provided.

As a result, there is a need for a document sharing method and system where the state of the art is exceeded and its disadvantages are eliminated.

Brief Description of the Invention:

The invention is a document sharing method and system that exceeds the state of the art, eliminates its disadvantages, and includes additional features.

The aim of the invention is to introduce a data isolation method and system that enables documents in the enterprise data warehouse to be viewed and edited without downloading and shared in a controlled manner, preventing the document from being printed and copied and leaked from the enterprise data warehouse.

Another purpose of the invention is to introduce an isolation method that prevents the employees in the enterprise and/or persons or institutions (customers, business partners, etc.) who need to share documents from leaking documents in a way that does not interfere with their business.

Another purpose of the invention is to introduce a data isolation system where text-based files (txt, html and similar) in the enterprise data warehouse can be viewed and edited, PDF files can be viewed, picture, video and audio files (jpg, gif, png, mov, mp3 etc) can be viewed, office files (doc , docx, xls, xlsx, ppt, pptx) can be viewed and edited. Another aim of the invention is to introduce a data isolation system in order to prevent documents from being printed, shared, copied with photographs and similar ways.

The invention in question is a data isolation method and system that enables the documents in the enterprise data warehouse to be viewed and edited by sharing in a controlled manner without downloading, preventing the document from being printed and copied and leaked from the enterprise data warehouse and which will emerge from the following detailed description. Its features are; being characterized by the fact that it includes at least one data control and sharing module integrated into the enterprise data warehouse, which prevents printing and copying, has an isolation sub-module that enables document viewing without downloading text-based documents, PDF documents, picture, video and audio files, office file documents in the enterprise data warehouse (10).

Description of the Figures: The invention will be explained by making references to the enclosed figures, therefore the characteristics of the invention will be understood more clearly. However, the purpose of this is not to limit the invention with particular embodiments. On the contrary, it is intended to cover all alternatives, modifications and equivalents which may be included within the field in which the invention is defined by the enclosed requests. It should be understood that the details shown habe been provided to ensure the demonstration of preferred embodiments of the present invention and shaping of the methods and to provide the most useful and understandable definition of the rules and conceptual features of the invention. In these figures:

Figure - 1 is the schematic view of the inventive isolation method and system. The figures that will help understand this invention are numbered as specified in the enclosed image and given below along with their names.

Description of the References:

10. Enterprise data warehouse

11. User profile files

12. Network disks

13. Public folders

14. User work spaces

15. Document

20. Data control and sharing module

21. Insulation sub-module

22. Preview document

23. Document editing

24. Printing and copying blocking

Description of the Invention:

In this detailed description, the isolation method and system which is the subject of the invention is demonstrated with examples without any limiting effect for better understanding of the subject. In the description, a data isolation method and system that enables the documents (15) in the business data warehouse to be viewed without downloading and shared in a controlled manner and to edit on the document (15), preventing the document from being printed and copied and leaked from the enterprise data warehouse is described.

In Figure 1, a schematic view of the subject matter insulation system and method is given. Accordingly, in the isolation system and method, user profile files (11), network disks (12), public folders (13) and documents (15) in the user work spaces (14) can be shared, viewed and the document (15) can be edited in isolation sub-module (21) without downloading with control and sharing module (20) integrated into enterprise data warehouse.

The data control and sharing module (20) of the invention can be installed as an additional layer to the existing system without changing the operation of the enterprise data warehouse (10), enabling them to use their existing authorizations and processes in an integrated manner with additional features. As the file source to the data control and sharing module (20); user profile files (11), (VDI structures), Folder Redirection, network disks (12), public folders (13) and user workspaces (14) (home folder) can be added.

The users integrate common areas (13), authorizations, users and groups over the data control and sharing module (20), allowing documents (15) and data to be managed on-site without copying.

Common areas (13) are areas that can be viewed by everyone, but can only be accessed by users with access authorization. Private network folders are the public area (13) folders requested by the user. The data control and sharing module (20) can be integrated into the system with all user access privileges (user authorization to access this area) and operation authorizations (viewing, reading, writing, full control etc) both in the common area (13) and private network folders.

The users' profile files (11), data control and sharing module (20) are included in the access area. The user can perform file operations in all areas and can view hundreds of formats without downloading. Some file formats can even be edited through the system.

The users are authorized to access to the above-mentioned areas (NTFS) and within the rules specified by data control and sharing module (20) to all documents over data control and sharing module (20) access points (Web APP, Mobile APP, Outlook Add in, Office Add in) and make operations. The data control and sharing module (20), which is the subject of the invention, enables hundreds of documents (15) in different formats to be viewed without downloading (22), document editing (23), printing and copying prevention (24) through its isolation sub-module (21). With the isolation sub-module (21) of the invention, text-based files (txt, html and similar) in the enterprise data warehouse (10) can be viewed and edited, PDF files can be viewed, picture, video and audio files (jpg, gif, png, mov, mp3 and etc ) can be viewed, office files (doc, docx, xls, xlsx, ppt, pptx) can be viewed and edited. Office files can be edited online via an integrated office program on the user server without requiring any additional software, license and downloading.

In the data control and sharing module (20), documents (15) shared within the authorization to write with the sharing feature can be arranged in real time with the shared person. Via the data control and sharing module (20), a new office file (doc, docx, xls, xlsx, ppt, pptx) can be created and edited and shared. The data control and sharing module (20) has thus been made available not only for the purpose of organizing the documents (15) existing in the enterprise data warehouse (10), but also for creating a document (15) from scratch. Creation date, date of issue, size, sharing authorization status and similar information pertaining to the documents (15) created with the data control and sharing module (20) can be displayed.

In the state of art, documents (15) received from the enterprise data warehouse (10) are shared with external or internal users via mail, link etc. However, in these shares, control over the documents (15) is lost from the moment they are shared. In order to prevent leakage problems, the data control and sharing module (20) provides a secure isolated area with the isolation sub-module (21) to ensure that data can be shared securely, all necessary activities (document viewing (22), document editing (23) and blocking printing and copying (24), while ensuring that it is performed within the system, it also prevents the recording and sharing of documents (15) and data with external sources. In the enterprises, both internal and external sharing may be required in cases where the downloading and printing of the documents (15) is not desired and in case of need. Thanks to the insulation sub-module (21), in such cases, the document (15) is only shared with the preview option. A document (15) shared only with the preview authority can be viewed through the data control and sharing module (20), but the options for downloading, copying and printing its content are prevented. If the document on the screen (15) is photographed, it is revealed through which user the information is leaked through the security watermark.

In the invention, there is a personalized and instantly created watermark on the document (15). Thanks to this watermark, if the recipient shares this document (12) with third parties, who shared the document (12) can be determined. The watermark also contains detailed information that can constitute evidence as a timestamp, including when the document (12) was downloaded and which IP it was downloaded from. Thanks to the watermark, this data can be accessed even if the document (12) is shared as a screenshot.