Overview

This article introduces you to Advanced Response and Recovery Services then guides you through Licensing required for subsequent Walkthroughs.

Introduction

SSProtect was designed to address the most significant challenge to using encryption as a means to protect end-user data: Usability. History proves that past attempts result in trade-offs that limit widespread adoption.

DefiniSec invested heavily in specially-crafted innovations purposed for applying data security primitives to stored content, independent from host application software. The resulting In-Place Encryption facility automatically and continuously protects plaintext content while it's being used. End-user impact is reduced to optional 2FA acknowledgment when content is accessed, supporting any application that directly reads/ writes stored content (for example document data files).*

When we combine this process with patented KODiAC Encryption, we realize a platform for extended service capabilities directly aligned with IT Security Team priorities. These service components build upon the core service set offered by SSProtect/ KODiAC, and are available, on-demand, to Organizations at the press of a button - and without the need to install additional software:

• :Recover - Seamless data backup/ restore natively designed into KODiAC Encryption, supporting high-availability and continuity
• :Respond - Remediation enforces data Integrity, identifying and remediating corrupted/ sabotaged content using :Recover data content
• :Respond - Analysis uses deterministic :Assess auditing (resulting from cryptographic offloading) to deliver objective disclosure risk insight
• :xRecovery - Leverages the :Recover KODiAC Managed Data Archive to offer full data reconstruction for an Organization and its Users
• :Honeypots - Deliver early detection of malicious intent by capturing attacker behavior associated with unmarked, plaintext files

This upcoming series of articles will show you how these optional service components help you maintain continuity during complex security events while delivering precision insight and control over Incident Response and Recovery priorities.

* Catalogs extend this mechanism for applications that read and write multiple data files at one time, maintaining the same in-use plaintext protection achieved with In-Place Encryption though with variations designed to maintain suitable performance and scalability.

Section Content

This section contains (will contain; work in progress) articles that show you how to use fundamental aspects of each optional component's capabilities in common scenarios, as follows:

• Remote Profile Deployment - The ability to Replicate your Working Set of protected files on another host computer
• Disaster Recovery - Replication of an Organization's Managed Data Archive in a secure format accessible offline
• Ransomware Remediation - The ability to detect and repair corrupted/ missing files, across your Organization of Users
• Objective Disclosure Risk - The ability to generate Reports that provide Objective risks to disclosure over a configurable period of time

Each article will explain the scenario and utilize the work you've completed in previous Walkthroughs to serve as the starting point for executing related tasks.

Prerequisite Licenses

To utilize advanced Response and Recovery features, you must first License associated Components. Though this doesn't require additional installation, Trial Licensing for Advanced Component Services gets reviewed by our staff before access is granted.

In general, we support Trial Licensing for legitimate inquiries. Use the following procedure to submit your request:

STEP 1: Using SSProtect, Login to the Org1_Admin Profile we've been using in prior Walkthroughs.

STEP 2: Navigate to the License and Components dialog using the context menu available in the notification tray:

STEP 3: In the bottom left Component Configuration section, check :Respond Request then choose Yes to confirm and execute the request.

STEP 4: Repeat the operation using the :xRecovery Request checkbox, again choosing Yes to confirm and execute the request.

These two steps notify our Support Team who must review and respond before granting your Trial License. This generally takes between 5 and 15 minutes. For details, refer to the article, Trial Support Response.

Email Notification for Trial License Request

When your License Request is serviced, you will receive a message at the email address associated with your SSProtect Account.

STEP 5: Monitor the email associated with your Org1_Admin Profile for messages verifying License activation. These will come from the SSProtect Administrator <ssp-admin@definisec.com> with the following Subjects:

• [SSProtect] Change :Respond Configuration
• [SSProtect] Change :xRecovery Configuration

You can find further information in the article, Email Notifications.

STEP 6: Refresh Login to enable the new UI context associated with :Respond and :xRecovery, which will appear in your notification tray icon's context menu as noted and shown below:

• :xRecovery - Offline Archives
• :Respond Analysis - Disclosure Risk Analysis
• :Respond Remediation - Sabotage Remediation

This remaining articles in this section show you how to make use of these capabilities.

Additional Resources

You can search this site for more information on various topics, or use this link to submit a specific request. You can also send email directly to support@definisec.com, and our staff will respond to your needs as soon as possible.

In the meantime, don't forget to check out our primary website and Insights columns for information on current trends, security topics, and how our technologies relate.