This article describes optional SSProtect :Recover seamless backup/ restore capabilities.
Unified Data Protection
SSProtect and KODiAC together deliver unmatched protective capability with native workflow integration and a unified set of tools for IT and Security Analysts. This unified data management solution delivers measurable improvement to your security posture with:
- Protection for file-based data and Outlook email message content
- Isolation from MSP access to plaintext content
- Protection from legal subpoena to the MSP
- Continuous content protection, even while modifying plaintext w/ native software
- Protection from one-sided (host) intruder compromise
- Protection against host impersonation attacks (when using hardware 2FA)
- Protection from accidental plaintext exposure with sync/ sharing services
- Realtime Backup and multi-point Restore w/ secure offline Archive access
- Seamless, Zero-Configuration data sharing
SSProtect provides many more capabilities, all utilizing integrated and native application wofklows. This includes the :Expand programmatic interface, used for all :Email Outlook message protection activities. For more information, refer to the Overview articles and :Email Protection Features.
Performance and Scalability
SSProtect was designed from Day One to split sensitive cryptographic operations between your host computer and, "external" resources today provided by hosted cloud service operators (DefiniSec and others, or self-deployed IT-managed solutions). This approach required us to build our own high-speed secure data communications protocol specialized for realtime, integrated backup/ restore capabilities that provide direct, secured integration with remote access and storage operations (:Recover, see below).
The overall approach requires attackers to compromise both your host computer and the cloud service solution in order to acquire cryptographic keying material sufficient to recover plaintext content. Otherwise, attackers are left to intercepting plaintext content when in-use, which requires them to exploit vulnerabilities in each individual application you use to work with sensitive/ protected data (or of course find deficiencies in our host implementation).
This together with extensive focus on optimizations realizes reduced performance overhead associated with cryptographic operations while minimizing the impact of cloud communication latency - without compromise to the more extensive set of security primitives delivered for seamless infrastructure integration.
Resulting end-user latency is, for many, unnoticeable, and application workflow usage is as close to native as possible, maintaining existing workflows and application compatibility with the benefits of an enhanced security posture...
...even on compromised hosts
...even while working with plaintext content
...even in the face of human error
...even with the preponderance of internal malice
...even working with software developer tomorrow (without system updates)
...even working with unpatched/ vulnerable systems
Optional :Recover Backup/ Restore Service
With the prevalence of Ransomware and internal sabotage, it is no longer sufficient to operate without reliable backup/ restore. With :Recover, an optional SSProtect service component, you maintain access to individual Versions of content you create, edit, share, and manage - without changing any other aspect of how you work with your data.
Unlike other backup/ restore solutions that periodically copy data from your host to another location, SSProtect maintains protected content with each change, imposing zero procedural impact to users while ensuring that content is up-to-date. Backup is automatic and configured with Policy, while Restoration can be manually driven by end-users or programmatically integrated for automatic external system integration.
It's worth noting that Restored content remains secured, since SSProtect protects data at the source and maintains protections wherever content travels. As such, data Restore retains the Access Control requirements embedded into Policies that are decoupled from Backup/ Restore configuration and execution (reducing the potential impact to security posture when in-use).
Double/ Hybrid Conversion Flexibility
In all cases, :Recover content is isolated from KODiAC Cloud Service operators - except of course when the MSP utilizes its' own SSProtect Organization and you specifically grant one of its' members access to your content (as a Third Party Trust).
Double Conversion and Hybrid Conversion utilize different Threat Models. This changes accessibility to Restore operations, which depends on the Operating Mode and the relationship of the User that created the target Version (instance).
Dynamic Mode Switching
To support optimized performance, you can configure a threshold data size that triggers a prompt for dynamically switching from Hybrid- or Double-Encrypted operation to Optimized Offloading (which precludes access to backup data), though often the time it takes to acknowledge the prompt exceeds that required to re-encrypt typical business data files.
This capability is represented for individual files and includes a maximum at which Optimized Offloading is also inhibited, allowing you to control impact based on host computing power/ resources, :Recover Quota limits, and Retention Policy settings.
For configuration insight, refer to the article, Using :Recover. For capability insight, refer to the article, Archives, Quotas, and Retention Policy.
The Restoration process is as close to assured as possible, given Restore/ Replicate closely resembles data access operation - in fact in many cases using an exact subset of the actual data access procedure. Variations are beyond the scope of this article, though Authentication requirements are the same, and managed by Policy associated with your Account (and/ or governing Organization).
Restore/ Replicate Name Conflicts
When you Restore (or Replicate) to a target file that already exists, you will be prompted to Skip the operation or Replace the target (with an option to apply your choice to future similar conflicts). If you choose Replace, the two files are compared before the older of the two is renamed with a 3-digit extension. This way, both files remain for further review, with the latest taking the native filename.
The use of the 3-digit extension is repeated for subsequent conflicts to the same instance, for example if you later perform the same operation or perform a multi-select Restore/ Replicate operation that results in more than one file targeting the same destination. In each iteration, the latest file is retained in the native target's location while alternate instances take the next increasing numbered extension available (i.e. .000, .001, .002, etc). These numbered files remain until you manually remove them, though remember that Restored content remains protected (Encrypted and subject to Access Control based on ownership and dynamic sharing Policy).
Foundation for :xRecovery Disaster Recovery
:Recover content cannot be intentionally removed (see below) except in very limited and rare (exception) conditions that are tightly controlled. As a result, managed instances (Versions) of protected :Recover content are available for :xRecovery Archive re-creation, which provides secure offline access used in Disaster Recovery proceedings. For more information, refer to the article, Using the :xRecovery Access Panel.
Remote Profile Deployment
SSProtect supports relocation of a Profile to a new Host computer, as described in the article, Remote Profile Deployment. This operation includes :Recover Replicate operation, providing a mechanism for securely, "moving" your, "Active Workspace" to another computer.
This allows you to quickly respond to host corruption, compromise, sabotage, theft, device loss, destruction, or other circumstances that would otherwise render host computing resources unusable, which minimizes the impact of these common events and maintains ongoing end-user access to managed content.
Limiting Multiple Instances of a Single Item
:Recover offers an optional Retention Policy setting that can be used to maintain the last, "X" number of managed instances while making older content available for removal when Quota space is used. Of course, so long as there is available Quota space, older content is maintained and available for recall/ :xRecovery.
This option can be enabled/ disabled or changed on the fly, though it requires direct interaction with Support due to its' wide-ranging impact (and non-trivial end-results). For details, refer to the article, Archives, Quotas, and Retention Policy.
Restore vs. Replicate
Restore places managed content in native (last-used) folders, though this of course it not always possible depending on host volume mappings. Dynamic Default Folders provide a way for you to place managed content in a location that can be dynamically redirected to configurable target locations on different hosts. For more information, refer to the article, Managing Host Data and of course the article, Remote Profile Deployment.
Replicate handles cases where mappings are not possible, i.e. a Restore operation does not target an existing folder, and cannot create one that matches the item's path. In this case, content is Replicated inside your Default Folder using a scheme that recreates the path structure in a manner suitable for acquiring multiple files then relocating them on the local host computer for ongoing use.
For more information, refer to the article, Restoring and Replicating.
:Email is fairly complex and specific to integration with Microsoft Outlook. Use Policies to control default behaviors - more information will be available in related articles.
In the meantime, you can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to firstname.lastname@example.org, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v9.6.1 of the :Foundation Client