fbpx

How it works

InCountry’s global infrastructure securely manages your regulated data.

STORE REGULATED DATA WITH INCOUNTRY

Just like with PCI compliance, your application continues to work as it always has with its own data store. InCountry augments your existing data store by adding an additional data store for regulated data.

INCOUNTRY STORES YOUR RECORDS IN TWO TOP-TIER DATA CENTERS FOR EACH COUNTRY

InCountry uses a database principle called two-phase commits to ensure that your data is kept synchronized across two separate data centers for each country.

INCOUNTRY’S TURNKEY SAAS INTEGRATIONS STORE, PROCESS, AND CONTROL ACCESS WITHIN A COUNTRY OF ORIGIN.

InCountry’s SaaS integrations support the leading SaaS platforms and applications like Salesforce, Veeva System, Cegid, and more.

The InCountry Rest API directs data to and from our in-country data stores

Your application uses the InCountry REST API (including SDK) to store and retrieve records in specific countries using their ISO two-letter country code.

The InCountry Rest API enables your application to communicate data securely

Your application connects to the InCountry platform using TLS 1.2 and a revocable access token.

The InCountry rest API uses two methods to safeguard your regulated data

The InCountry REST API (including SDK) encrypts the full record using a symmetric key with AES-256. You control the encryption keys that are compatible with key management systems. Optionally, you can hash record’s searchable fields with SHA-256 for lookup operations.

The InCountry Rest API uses encryption, not tokenization

Tokenization is useful for storing information like credit card numbers that use a fixed pattern, and in use cases where the token can resemble original data. With tokenization, the vendor can reveal your data as you keep mappings between tokens and actual values. Encryption is useful for secure retention of arbitrary amounts of information like healthcare data. With encryption, you can retain your encryption keys and the vendor cannot reveal your data.

InCountry Border keeps data within a country’s borders with no coding changes

InCountry Border is a proxy layer running within InCountry’s points of presence. Your global web application can route web service calls between a user’s browser and the web application through InCountry Border. It uses a domain overlay to authenticate users and automatically redacts specified fields with PII or unredacts these fields on subsequent web service calls.

InCountry REST API integrates directly with your application

REST API is an easy to set up solution that directly integrates with existing REST microservices and application servers. When reading or writing a payload of non-regulated data, the application will use existing function calls to exchange data with the non-regulated data store hosted in an offshore data center.