The Security of Data, Financial or otherwise, has always been a matter of   concern.   Most  business  depend  on  the   confidentiality   of information, and go to extreme lengths to keep information secret.

The advent of computers degraded this ability considerably.  Suddenly, physical  protection  of books was no longer possible,  and  virtually anyone who had access to the computer, had access to the  information.

This has hampered the usage of computers.

The fear, in fact, is real. The paranoid are not the only ones  afraid of information leakage.

Encryption  of  Data  on  a  computer  offered  the  first   solution. Encryption means converting the normally recognisable information into garbage,  which  can  only be reconverted by  authorised  persons.  An authorised person would be checked against a Password.

The  pitfalls are, the most Encryption methods are  easily  deciphered  That  is to say, a reasonable amount of time and effort by a  Computer Programmer,  could  get  the original  information  back  without  the password.  To  counter this problem, advanced studies have  been  made across  the  world, to come up with techniques  of  encryption,  which CANNOT  be broken using mathematical tools. One such method  has  been called  the  "Data  Encryption  Standard", and  the  system  has  been published by the "American National Standards Institute" or ANSI. This is  the  accepted  standard of encryption used  even  in  such  highly sensitive area like Banking and Defence.

Despite  this  apparent Final Solution to the problem  of  Encryption, there remained the fear of Password Detection. Most software  programs which offer encryption, do so with the "stored password" concept. This means,  that  the original password is kept in some  form  (internally encrypted  or  not), which it uses to verify the  genuineness  of  the authorised  person.  Once  again,  it  would  become  possible  for  competent  programmer, to gain access into the system  by  discovering the password.

Lastly the problem of latent storage remained. Most computer users are aware,  that simple deletion of a file from the disk, does not  remove the  information on it. Thus, encryption mechanisms which  dealt  with un-encrypted data, would leave the original and intact information  in some  form or the other. Apart from this, if a power-failure  occurred while  processing  the  original information, the  facility  would  be useless,  as on power-on, the un-encrypted information would be  found on the hard disk.

This brings us to TALLY. In keeping with its basic philosophy, that  a facility made available to a user is to be complete in every  respect, TALLY  evolved  the concept of TALLY Vault. At its very  basic,  TALLY Vault   guarantees,   that  under  no  Circumstances,   the   original information  is available in any form. The technique could be  likened to "encryption-decryption-on-the-fly", and the decrypted form of  data is  never  stored in the system. Apart from this, it  uses  the  "non- stored  password" mechanism. This implies, that the original  password provided  by the user is not retained on the system. This  of  course, raises the question, that if the password is not stored, then how  can any  Software check whether the person giving the password is  genuine or  not? TALLY uses highly advanced mechanisms to validate a new  user 


The  combination of these facilities means, that TALLY  Vault  becomes one of the most SECURE MEANS OF INFORMATION STORAGE. Indeed, it can be safely  said, that "IF YOUR FINANCIAL INFORMATION IS SENSITIVE,  DON'T WRITE IT DOWN, TALLY Vault IT".

No comments:

Post a Comment