This article explains how SSProtect approaches Data Protection and Management.
SSProtect was designed to protect and manage host application data, also referred to as unstructured content or endpoint application data. It has been designed to minimize end-user impact, provide a high-degree of protection, and use resulting insight to maximize Incident Response efficiency. Information regarding system features can be found on our main website in the product pages.
SSProtect :Foundation Client
The :Foundation Client is a host software application you install and run on your computer. This is an exceptionally small program that uses minimal system resources. It performs well on any minimally configured installation of supported Windows versions (7 and 10 - for XP, 8.x, and Server deployments, contact Support).
The :Foundation Client is configured to start when you Login to Windows, and it runs in the background with almost no overhead until you access content it manages on your behalf.
The :Foundation Client uses a Login Session that holds policies used to govern access to managed content. Policies are specific to an Account used during Login, and User/ Account associations are explained in the related article, Accounts, Identities, and Roles.
Sessions are of limited duration, and end at timeout or user/ application Logout. When you perform actions governed by the :Foundation Client, it utilizes the active Session to handle execution. If a Login Session is not active, you will be prompted to Login, which (most often) allows you to choose an Account and enter a Password. This establishes the Session that then dispatches the pending request.
Note that this exception Login event requires the :Foundation Client to be running, which is the typical case unless you or some other action Exits/ terminates the application. If this occurs, restart by double-clicking the SSProtect Desktop Shortcut created during :Foundation Client install.
File Explorer Integration
The software includes File Explorer integration that allows you to see Overlay Icons for protected/ managed files. It also extends the Explorer context menu - both the normal right-click menu, and the advanced menu you see when holding the Shift key and right-clicking a target. This allows you to Apply and Release Protections to/ from one or more target files.
The User Interface
The :Foundation Client exposes configuration items using a Context Menu associated with a notification tray icon that's created when the software starts (marked with the DefiniSec 'D' icon). If not immediately visible, click the notification tray to show hidden icons.
When you click the SSProtect icon, you will see the software's Context Menu. This menu changes depending on your User Role, exposing items that are relevant for your use. Menu Item selections leads to operations and User Interface elements that allow you to Login, modify your configuration, work with managed content, and perform other related tasks.
All UI elements include a Help button, which will direct you to a Support article, on this site, specific to the context in which you were working.
NOTE: SSProtect does not utilize a web interface. This helps minimize the cloud service architecture's attack surface, reducing intrusion risks and the threat of Denial of Service attacks.
KODiAC Cloud Services
The :Foundation Client communicates with KODiAC Cloud Service components. These are highly available service components that expose primitives that make up the SSProtect application suite's capabilities. Each Account is configured with a certain set of available services, and as you work with your :Foundation Client and managed content, requests are securely dispatched to these cloud services for proper execution. This includes operations such as Identification of end-users, password and 2nd-factor token authentication, data encryption and decryption, backup and restore, reporting and analysis, and User/ Account provisioning, configuration, and maintenance.
The :Foundation Client coordinates requests with KODiAC Cloud Service components to manage content and SSProtect operations. Communication does not use SSL/ TLS, and does not rely on the public chain of trust used by Certificate Authorities and traditional Public Key Infrastructure. This avoids the many risks associated with TLS, certain instantiations of open source, and infrastructure insecurity, which are beyond the scope of this article but hold widespread significance in today's threat landscape.
All communications are protected using a proprietary communications protocol specifically designed to optimize security and performance. This protocol employs many aspects of both TLS and IPsec, however without the additional overhead these protocols utilize to deliver interoperability and extendibility for generic public consumption. This provides many benefits while reducing threats that come from common source targeted by nation-states, hackers for hire, and other highly capable and motivated threat actors.
For more insight on terminology and system components, refer to the article, Components and Names. Peruse the Concepts Section to gain more insight on how Users, Accounts, and Organizations are formed to manage content, or send email directly to firstname.lastname@example.org with questions for our staff.
This article was updated w/ v8.5.1 of the :Foundation Client