This article introduces you to SSProtect and KODiAC Unified Host Application Data Management.
Introduction
DefiniSec secures host application data without limiting usability, removing barriers to widespread adoption of encryption as a means to protect from Doxing, Ransomware, IP Theft and similar activities carried out by Nation-State APTs, Crime Groups, Malicious Insiders, and Hackers for Hire.
Effective controls require far more than data encryption. SSProtect, our Unified Data Protection and Management System, offers an integrated set of protection and management services with:
- The :Foundation Client, a small (~10 MB) Windows application you download, install, and use
- KODiAC Cloud Services, deployed and maintained by DefiniSec
Though the :Foundation Client supports a self-service deployment model, you can of course manage distribution using common Enterprise management facilities.
The :Foundation Client runs in the background when you login to Windows, offering a context-based User Interface for end-users and administrators. This replaces the more common browser-based approach to utilizing SaaS capabilities, increasing security and performance.
KODiAC Cloud Services delivers SaaS capabilities, though doesn't require your attention: DefiniSec deploys and maintains the global network of cloud service instances to maintain security, service availability, and responsiveness.
Application-Independent In-Place Encryption
The :Foundation Client provides UI resources for you to secure and manage sensitive data, for example documents/ files and Outlook email. Innovation we refer to as In-Place Encryption automates decryption and re-encryption when you access managed content, isolating interim plaintext and presenting it to the host application software you've chosen to use.
This not only reduces the potential for human error, but protects from malicious intent on a compromised host while retaining application and infrastructure flexibility.
Patented Cloud Cryptographic Offloading
In-Place Encryption utilizes our patented cryptographic offloading techniques to distribute sensitive encryption/ decryption resources. This requires attackers to compromise your computer and KODiAC Cloud Services to steal decryption keys. It also protects you from legal subpoena of DefiniSec decryption keys designed to surveil your content: KODiAC never has sufficient information to access your plaintext.
These offloading techniques utilize additional innovation to minimize performance overhead, and results form the foundation for KODiAC services that include Encryption, Access Control w/ MFA, precise Auditing/ Reporting, Zero-Configuration Sharing (w/ Policy-based Third Party Trust associations), and optional, seamless secure Backup/ Restore.
Advanced Response and Recovery Services
In-Place Encryption and Cryptographic Offloading provide the foundation for core SSProtect services, which in turn pave the path for optional, advanced Response and Recovery services.
Data Integrity Remediation uses precision Auditing details to determine if content has been corrupted, leveraging Backup/ Restore data to make repairs. This is effective in remediating the impact of Ransomware, and execution is trivial.
Advanced Analysis derives the, "worst-case" Disclosure Risk reality from Audit event history. This offsets 10s if not 100s of thousands of dollars in Incident Response investigation costs, providing a nearly-instant view of content that maintains theoretical disclosure protection over any given period of time. This scopes follow-up investigation while offering distinct insight into Third Party sharing risk. Notification can be done on your behalf, or manually.
Disaster Recovery makes aggressive use of Backup/ Restore data to build and deliver secure Archives of Organization content over all time, accessible in secured, offline form.
In every case, summary Reports utilize a repeatable digital chain of custody necessary for results to qualify as Evidence in legal proceedings. This alone should strike fear in the minds of Malicious Insiders, no longer so easily able to operate outside the purview of protective systems.
Extend the Value of Existing Security Investments
After you deploy SSProtect, you can take advantage of Audit records to improve effectiveness for existing SIEM deployments. You can also utilize the :Expand API to directly integrate your own facilities with SSProtect, for example utilizing any data classification and/ or DLP specifics to drive on-demand protection of discovered sensitive content.
Layered Host Defenses
No security system is unbreakable, though SSProtect's combined use of In-Place Encryption and Cryptographic Offloading elevate the set of skills required to access plaintext content. One opportunity remains - attempting to steal interim plaintext materials available only when you securely access managed content.
These techniques, however, are relatively, "loud" to typical endpoint security controls, such as Windows Security. When an attacker attempts to inject malicious code into your word processor, for example, properly configured endpoint protection technologies stand a reasonable chance of detecting, limiting, and/ or blocking malicious code.
Results have proven to be highly-effective against even the most capable attackers.
Summary
SSProtect puts you back in control of your data with minimal impact to end-users, application choice, and infrastructure flexibility. Recover from the inevitable and stay ahead of persistent attackers using one solution, one source, one answer, and one plan that empowers you, your users, your partners and your customers to minimize the impact of data security events while maintaining operational focus on your business.
This article was updated w/ v10.7.1 of the :Foundation Client