Circles of Trust™ Product Brief
CRYPTOMILL CYBERSECURITY SOLUTIONS
product overview
Circles of Trust™ is an enterprise security software system that eliminates the risks associated with data breaches from a hacker attack on any network, cloud, or email server; as well as data leaks through lost or stolen devices.
Using CryptoMill Trust Boundaries technology, data is cryptographically bound to a select group of users and devices. Circles of Trust™ employs folder-centric file-level encryption to provide an intuitive “trusted-circle” access rights sharing capability. Once protected, the files can be shared and used by only members of the Circle. If a protected file ends up in the wrong hands (a non-Circle member), it is unreadable and unusable - it stays protected and cannot be decrypted.
Circles of Trust™ supports all file formats - no plugins required. It offers central management, multiple device sync, mobile device readers, and protection of files stored on the cloud.
Circles of Trust™ security capability is API-driven and can be integrated with existing business processes. Encryption can be automated so that any time sensitive data is exported, it is protected. You also have the ability to revoke access to any files anytime, anywhere.
Simple Workflow
1. Create a Circle
2. Add members and folders
3. Share files through any means
Only members can access protected documents
Key features
• Prevents accidental data breaches
• Protects data in the event of loss or theft
• Seamless and transparent protection
• Secure and easy group sharing
• Online administration for ease of management across company systems
Security Highlights
• File-level persistent encryption
• Stays secure even in cloud storage
• Strong encryption using government-standard AES cipher
Benefits
• Secure sharing with project groups
• Date expiry for documents
• Track documents
• Revoke access to documents
• Seamless and transparent
• No interruption to workflow
• No additional passwords
[Figure: Alice can have a “Circle” for each client (client A, client B, client C).]
technology
Circles of Trust™ utilises CryptoMill’s unique technologies to ensure the highest standard of data security.

zero overhead key management
Our Key Management Server eliminates the need to store millions of keys. Keys are recomputed as needed based on environmental components.
benefits
• Mobility friendly - Fully functional when disconnected from the network
• Scalable - Secures any number of files, on multiple devices
• Reliable - Always recover access to encrypted items

trust boundaries
Cryptographically-enforced organizational perimeters limiting which people, PCs, mobile devices, and storage can share protected data.
benefits
• Data Protection - Privacy is always preserved by encryption
• Prevents Internal Breaches - Data can’t be accessed outside of a Circle
• Easy Group Sharing - Automatic access to data within a Circle

absolute data protection
Circles of Trust™ files remain encrypted regardless of where they are stored. As a result, a user can safely store and view data at any time.
benefits
• File Level Security - Circles of Trust™ encrypts each individual file
• Security Everywhere - Remains encrypted on a computer, at rest, in the cloud or on mobile
• Seamless and Transparent - Allows user to work on files in their native application
features

protected cloud storage
A file protected by a Circle can be sent through cloud storage providers without losing its encryption, and it will still be accessible only to the designated members of the Circle.
Circles of Trust™ supports the following cloud storage providers:
• Apple iCloud
• Google Drive
• DropBox

central management
Circles of Trust™ gives administrative privileges to trusted individuals, allowing for easy management of employees’ access levels using the Circles of Trust™ Management Console. Furthermore, each user can be given the ability to efficiently carry out commands within their created Circles such as:
• Instant Invitations: New Circle members can be invited immediately
• Recovery: Circle data can be retrieved from any member
• Revocation: Excluding a member is easy
• Logging & Reporting: Audit trail for sensitive operations (Administration only)

multiple device sync
User devices will be synced to their account, allowing for access to all of their Circles on any device. Any Circle related changes made on a user’s device result in an instant update to all other connected devices.

logging and reporting
Circles of Trust collects detailed logs of events providing audit trails on user activities relating to Circles.

mobile device readers
Circles of Trust™ is supported on iOS, Android, and Windows. This allows the user to have on-the-go secure access and management of all their protected data.

on premises key control
Cryptographic keys are kept on the customer premises - not in the Circles of Trust™ Management Console. This ensures only the user’s organization has access to the keys and data.

revocation
A user can be removed from a Circle at any time by an administrator, or an owner of the Circle, thus revoking their access privileges. Once privileges have been revoked, the user will no longer be able to access protected data, regardless of when they received a file.
recovery
Recovery of access to data is always available and only in the hands of the organization with the on-premise Key Management Server (KMS). When deployed in an enterprise, data is always accessible by the organization in which the circle exists.

time expiry
User, administrator, or business processes can specify the time duration for which Circle members have access to encrypted files. Time expiry can be applied to individual files, or Circles. After the set time period, the member will no longer have access to the protected data. This applies even if they had previously downloaded a copy.

data-at-rest for servers - RAD@R
RAD@R provides data-at-rest encryption to protect digital assets residing on servers. Uniquely, RAD@R also provides data-in-use protection: defending against attacks, remotely or locally, on back office servers & storage. RAD@R provides transparent decryption services for server applications, without impacting functionality such as indexing, preview generation, etc.
RAD@R sits just underneath DMS middle tier, in between the DM manager and document storage system.
• At-rest / in-use encryption for live data on application servers
• Only authorized server processes can access protected data
• Data loss prevention from any unwanted intruder or rogue administrator
• Existing server functionality preserved and unchanged (e.g. search & indexing)

accessing encrypted assets
Web View (Level 1), Trust View (Level 2), Trust Edit (Level 3)
• No Download
• Access through any browser
• No Install
• Sandbox Viewer
• No Export, No Screen Capture
• Full Install
• Edit and Collaborate
architecture
benefits
• No keys or documents stored in the CoT Management Console
• On-premise KMS provides instant onboarding and recovery
• Web based Management Console supports multiple administrators within the organization
• Supports multiple user device platforms
[Architecture diagram: CoT Clients and the CoT Management Console (secure communications facilitator); inside the enterprise firewall, on the enterprise network: CoT Client, KMS (CoT Key Mgmt Server), and AD Server.]
on-premise key management server
The on-premise KMS with Circles of Trust™ is an ideal way to boost productivity while still keeping a tab on security.
The KMS deployed in your organization provides instant onboarding of new Circle members and instant provisioning of new devices for existing members. It is your own private data security component, providing secure cryptographic key exchange to people that are granted membership into Circles.
The KMS is designed with a fail-safe switch which automatically locks down all protected data to a secure format the moment it loses power.
This enables system-wide backup capabilities to be safely applied and makes theft of data through physical attack virtually impossible.
benefits
• Detailed logging and reporting for auditability and traceability
• Makes the key material available for synchronization between users’ devices
• Instant onboarding for invited users even when Circle owner devices are offline
• Enables enterprise-wide recovery
• Integrates with Microsoft Active Directory
All your secrets stay safely under your control and you are guaranteed that security will not be compromised through any cloud-targeted attacks.
[Diagram label: CoTWebView Server]
additional value
cryptographic access driven
The components of a key are divided among three environmental contributors:
• Circle members
• Circles of Trust™ credentials
• The protected data
If any of these components are missing, access to the file is prevented.
folder-centric classification
Circles of Trust™ works well with the user’s existing folder structure making it simple and intuitive. An end user can easily and naturally classify data based on their regular organization of files.
cloud file protection
Secure data syncing to the cloud allows a user to easily share a protected file across all of their devices. Even if a user’s cloud storage account is hacked or accessed by an outsider, the protected files that have been uploaded cannot be decrypted.
supports consumerization
Circles of Trust™ is a light footprint, compact software solution that works well with federated ID, resulting in minimal IT management. Its compatibility with multiple devices per user as well as mobile platforms allows it to integrate efficiently into any work environment.
secure cross border sharing
With Circles of Trust™, working as a team has never been easier. Ad hoc groups can be formed easily via Circles and files can be safely transferred through any means, whether it is by USB, email, or a cloud folder.
seamless access to protected files
Circles of Trust™ works with any file type and provides protection at the file system level. This seamless and transparent experience is based on virtualized access to encrypted files.
benefits
time expiry & revocation
data protection everywhere
no interruption to workflow
secure group sharing
seamless & transparent
no additional passwords
use cases

secure data sharing in the cloud
Gene shares her sensitive design data with Hank who works at a specialty manufacturer via the cloud.
A network/cloud hacker gets unauthorized access to Gene’s account but is unable to read her protected data.
[Figure: Gene, Hank and the hacker, WITHOUT Circles of Trust™ and WITH Circles of Trust™]

control over shared assets
Jennifer sends a project file for review to Ken, who is a partner at an external agency.
Ken at the reviewing agency can only view the project file, preventing unauthorized copying, screen-capturing, and sharing.
[Figure: Jennifer and Ken, WITHOUT Circles of Trust™ and WITH Circles of Trust™; labels: View Only, Copy]
accidental data breaches via email
Alice emails a confidential project proposal to Bob Barker instead of her manager Bob Baker.
Circles of Trust™ prevents Bob Barker from reading the Circles of Trust protected files attached to the email.
lost usb drives
Alice misplaces a USB drive containing sensitive client data at work. Eve finds the USB.
Eve cannot access any Circles of Trust protected files on Alice’s USB drive.
[Figures: WITHOUT Circles of Trust™ and WITH Circles of Trust™ panels for each scenario (Alice, Bob Barker, Bob Baker; Alice, Eve)]
v 3.4
about
CryptoMill Cybersecurity Solutions is an innovative security software company, with disruptive technologies that address security and privacy related issues from the edge to the cloud.
CryptoMill’s suite of security software products eliminates the risks associated with data breaches from a hacker attack on any network, cloud, or email; as well as data leaks through lost or stolen devices.
contact
CryptoMill Cybersecurity Solutions
Suite 301, 100 Front Street East, Toronto, Ontario, Canada, M5A 1E1
Toll free: (855) 441 4333
T: (416) 241 4333 ext. 101
F: (416) 241 4333
E: [email protected]
sales contact
E: [email protected]
connect with us
YouTube: http://www.youtube.com/user/CryptoMillTech
Facebook: https://www.facebook.com/CryptoMill
Twitter: https://twitter.com/CryptoMill
LinkedIn: http://www.linkedin.com/company/CryptoMill-Technologies