This article offers a high-level view of SSProtect then summarizes our approach to further explaining related details.
Introduction
This series of articles is designed to provide interactive insight on SSProtect capabilities, switching between guidance specifics and descriptive text to offer firsthand knowledge of system functionality and capability. You will encounter a number of sections prefixed by the text, Looking Deeper, which provides more in-depth details related to the guidance provided by the Walkthrough.
This approach aims to more fully explain both the operation and goals of SSProtect, which not only protects data, but also manages operational continuity in the presence of ongoing security events and IT-related challenges.
BRIEF Articles
Most Walkthrough groups includes a BRIEF, with accompanying video, that removes discussion, insight, and commentary, consolidating STEP guidance into a single progression. This is purposed for more advanced users who prefer to focus on guided tasks and engage in self-discovery.
Others will prefer the slower, more involved pace by skipping the BRIEF and instead working through details from the very top. Mix and match as you wish; our goal is to serve the interests of all users.
NOTE: BRIEFs are not available for Response/ Recovery Walkthroughs since they are optional but advanced services.
Ordered Review
The Walkthroughs are written to be reviewed in ordered fashion, and work best since STEPS from one Walkthrough sometimes creates a system state that another relies upon. As such, the following progression works best:
Introduction Walkthroughs:
- Overview and Terms - this Introduction that includes some clarifying insight on terms we use
- BRIEF: Intro STEPs - the BRIEF that consolidates Introduction STEP guidance into one progression
- Provision Test Accounts - helps get started with the first resources for subsequent execution
- Login and User Interface - beginning of the discussion on how to use the software
Common Task Walkthroughs:
- BRIEF: Common Tasks - the BRIEF that consolidates Common Task STEP guidance into one progression
- Protect and Access Data - fundamentals for protecting and using managed content
- Restore Managed Data - ways you can Restore information when using :Recover
- Acquire Usage Reports - shows you how to scope and acquire the pre-canned Reports (from CSV data)
Simple Administration Walkthroughs:
- BRIEF: Simple Administration- the BRIEF that consolidates Simple Administration STEP guidance into one progression
- Migrate to an Organization- explains how to Migrate your Test Account to create an Organization
- Provision, Validate, Dismiss - guidance for Provisioning and onboarding new Organization Accounts
- Default Folders, Sign-Up, Profiles - additional administrative activity around Organizations/ Accounts
Sharing/ Managing Data Walkthroughs:
- BRIEF: Sharing/ Managing Data - the BRIEF that consolidates Peer/ Third Party Sharing STEP guidance*
- Peer Data Sharing - walks through the reality of :Collaborate Zero-Configuration Data Sharing
- Third Party Trust Sharing - works through the creation and use of Third Party Trust associations
- :Recover w/ Shared Content- combines concepts together, defining common terms then offering usage examples
- Version Chains - explains this advanced Policy and illustrates the trade-offs and impact of different settings
* The BRIEF: Sharing/ Managing Data only encompasses Peer and Third Party Sharing Walkthroughs; subsequent content is more advanced
Response/ Recovery Walkthroughs:
- Overview - explains optional Response/ Recovery server components and Trial Licensing procedure
- Trial Support Response - defines DefiniSec Support Trial response expectations and escalations
- Remote Profile Deployment - shows how to use an SSProtect Account on other hosts (without using a separate computer)
- Disaster Recovery - works through acquisition of an :xRecovery Archive that uses :Recover data
- Ransomware Remediation - shows how to dispatch Integrity Remediation, fixing Ransomware damage
- Objective Disclosure Risk - shows how to execute :Respond Analysis to acquire Objective Disclosure Risk Reports
SSProtect vs. :Foundation Client
You will, throughout the Walkthroughs and other documentation, often encounter general use of the term, SSProtect. Though SSProtect is the Unified Data Protection and Management System aimed at protecting your host-based application data, its' use in the Walkthroughs and related documentation can often be replaced with the more specific :Foundation Client reference - especially when referring to the User Interface and end-user interaction.
The :Foundation Client is the software you install on your host computer, and it implements logic to monitor managed content and respond to events and User input, coordinating execution with KODiAC (Cloud) Services. KODiAC is deployed and maintained by your Managed Service Provider, today most likely DefiniSec.
Basic Terminology
SSProtect does more than encrypt and decrypt data. Like most endpoint encryption software, SSProtect applies a variety of security primitives to managed content.
SSProtect also applies an extended amount of added service capability to content, depending on Policies associated with Accounts and/ or Organizations. Built-in and optional services are summarized on the DefiniSec website., and include facilities for Auditing/ Reporting, Secure Sharing, Backup/ Restore, Disaster Recovery, Ransomware Remediation, Disclosure Risk Insight, and others.
For these reasons, the use of, "encrypt/ decrypt" would be misleading. As an alternative, we use the following terminology:
- Protect/ Activate Protection - Add content or resources to the protective scope of SSProtect
- Release/ Release Protection - Remove content or resources from the protective scope of SSProtect
- Convert or Conversion - Change data from ciphertext to plaintext, or vice-versa
- Managed Open - The secure method of Converting managed ciphertext to plaintext while restricting access
- Managed Close - The secure method of Converting managed plaintext back to ciphertext before removing access restrictions
- Managed Access - The general operation of using Managed Open/ Close to securely access and modify content
Accounts and Organizations
An SSProtect Account is identified by an email address the associated User controls. A single email address is associated with one and only one SSProtect Account.
Throughout this documentation, you will encounter use of both SSProtect Account and SSProtect User. These two references are almost always interchangeable.
Accounts are either Individual Accounts or Organization Accounts. The former is as it seems - a single, self-managing Account. Perhaps less obvious, an Individual Account is a Privileged Account with the ability to carry out specific Privileged configuration tasks on itself.
The Test Account this article helps you Provision is an Individual Account. Walkthroughs show you how to Migrate to an Organization. More details are provided along the way, as they become relevant.
Details are described in the Concepts Section of the Administration Category, more specifically the article, Accounts, Identities, and Roles.
Additional Resources
You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.
In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.
This article was updated w/ v10.7.1 of the :Foundation Client