Definitive Data Security, Inc. (DefiniSec):
- Cannot access, in plaintext form, data you protect with our products
- Cannot disclose, in plaintext form, data you protect with our products (even in response to legal proceedings)
- Does not and will not access, analyze, review, share, or sell data associated with your use of our products, except as required by law or in response to Security Events (consistent with industry best practices)
- Will, as a priority, inform you of any data disclosure associated with your use of our products, website(s), and/or stored communications
- Always strives to maintain complete transparency of Data Privacy intentions and results, in precise, clear, and accurate form free from subjective interpretation
DefiniSec makes Integrity the #1 priority in all business endeavors, striving to maintain a level of adherence well beyond modern day cultural platitudes.
We apply Data Privacy considerations to the way we engineer our technologies and engage in service operations, purposely engineering solutions that make it theoretically impossible for DefiniSec staff to access managed customer content.
In General: We place a higher degree of focus and effort on protecting your Privacy in all matters, in no small part because behavior that violates Privacy was at the core of our primary motivation in forming the company and investing our time, efforts, and aspirations in its success.
More specifically, this Policy defines the Privacy you can and should expect to maintain, whether use of DefiniSec resources creates new data and/or acquires existing or derived data.
In General: We run our business with Integrity as the #1 priority in all that we do, with business pursuits tightly focused on your Right to Privacy and our ability to help you maintain professional secrets in the form of Intellectual Property and corporate communications. We can then assert that your Privacy is of the utmost concern in all of our engagements, and you can as a result expect a higher degree of certainty when choosing to do business with DefiniSec.
The remainder of this Policy qualifies specifics while clarifying the purpose and scope of our corporate presence and sales offerings.
This section quantifies general expectations regarding the following Domains:
- definisec.io – current website, redirected from definisec.com
- definisec.com – Early Adopter website, now deprecated
- secdefini.net – registered but not used, aligned with definisec.io
We have purposed these domains to share information about, and promote opportunities with, DefiniSec technologies and related products/services. These facilities are consistent with the websites operated by others in our line of business.
In General: We limit the acquisition of information by disabling website User Accounts, User Comments, and other participation that is specific to you. The one exception is cookies, which help maintain state information regarding links you have previously followed and those you have not yet investigated.
Data Security and Management (KODiAC)
This section quantifies general expectations regarding the following Domains:
- kodiac.io – KODiAC Cloud Services resolving to global DC instances
- secdefini.com – KODiAC Cloud Services resolving to global DC instances (deprecated)
We have purposed these domains for our products, technologies, and services offered for sale and/or to deliver facilities in support of our primary Mission. These facilities (KODiAC Cloud Services) generate, store, analyze, and maintain usage history, then make it directly available to you. Usage data is in many, but not all, cases encrypted.
Managed content is protected using facilities that maintain theoretical isolation from DefiniSec resources, at all times, over all time, in every circumstance except when explicitly noted. Operating Modes that violate this premise require special permission and are not, by default, available for deployment.
In General: We generate very little derived data that is not available or obvious to you. We not only limit DefiniSec access to your information but, in many cases, also make it theoretically impossible for our team to acquire any meaningful representation of content you choose to manage with our core technologies. Though critical aspects of your managed content are encrypted in a manner that makes DefiniSec access theoretically impossible, usage data is not always subject to these same controls.
Web: Common data we don’t collect
As it pertains to web services promoting core products, technologies, and services, we do not engage in the following typical activities that generate and/or collect, track, analyze, and store data:
- Website Login and associated User Context/ Tracking
- User Comments, Media, and other forms of public, posted discourse
- Contact and Sign-Up Forms designed to track, contact, and engage users
Web: Common data we collect/ use
We use web authoring and general usage tracking/analysis tools that are common, popular, and designed to give DefiniSec insight into more effective ways to share and promote our products, technologies, and services.
We take no additional action, however, to store, analyze, or maintain specific, related, or derived information from standard cookie use.
Web: Third Party sites and services
Our websites utilize third-party services, sites, and references that collect end-user information; as a result, we do not maintain Privacy controls over that external content. Other than as noted elsewhere in this Policy, DefiniSec is unaware of any reference to, embedding of, and/or use of third-party sites/services that sell, share, and/or publish IP Address associations with historical behavior.
IP Addresses and Analytics
Our websites and pages include and utilize Analytics around end-user activities and behaviors, relying on up to half a dozen common and popular third-party Analytics services to provide insight aimed at helping DefiniSec author more effective promotional materials and targeted information.
DefiniSec does not, however, take any additional steps, or engage in any related purposed behavior, to extract, analyze, or store/maintain activity insights, and specifically limits its approach to reduce opportunities for unintended information disclosure.
IP Address correlation to country of origin
In specific cases, noted below, we seek to identify the origin of end-user IP Address information using common, popular geo-blocking technologies. Our use results in date/time, IP Address, and country-of-origin records being stored with website resources in plaintext form, together with a simple means of viewing these associations in ordered fashion, on demand.
The third-party service integrated for this purpose shares content with a popular service provider who maintains up-to-date records of IP Address/Country associations and then delivers results for sale, likely including date/time insight in at least some cases. DefiniSec has, however, made use of all available facilities to limit the information stored/recorded and/or shared.
This information is used by and for software downloads, and is specifically limited to the following URL and those to which users may be redirected when accessing content from outside managed regions (noted on the page):
Embedded images, articles, videos, other
Our websites and pages most often include links to external sites and content; they may, however, inadvertently inherit and thus include references to external sites for images and/or articles. When rendered, these pages are subject to the same data collection and Privacy considerations that would apply if you visited the external site independently and directly, though the scope is of course much more limited. Our team prioritizes avoiding these dynamics and always seeks to ensure that such content has visible and obvious scope.
Our website and page video content is delivered using YouTube, specifically from the context of:
Viewing any video carries with it the same data collection and Privacy considerations associated with independently visiting YouTube directly.
KODiAC: Stored ciphertext content
The following is specific and critical to DefiniSec’s products, technologies, and service offerings, and directly related to the two patents granted for the methods employed to achieve the noted results – first available at the end of 2014.
Theoretical cloud isolation of managed data
KODiAC coordinates with the desktop client (:Foundation Client) and, using patented cryptographic offloading techniques, converts your sensitive data to ciphertext form in a manner that makes it theoretically impossible for DefiniSec Cloud Service operators to recover your plaintext content except in very specific circumstances, not available by default, and noted below.
Violating theoretical ciphertext cloud isolation
The above theoretical separation can be violated only when very specific conditions are met. These conditions are well documented and prohibited by default, and remain so until specific details regarding violation of the intended separation have been shared with, and are well understood by, the Data Owner. This requires the concurrent use of Double Conversion and the authorization of a Third Party Trust user who is a member of the DefiniSec KODiAC Cloud Services operations team. In this case, and under specific conditions, that individual would have, over time and across different usage contexts, access to resources sufficient to recover managed plaintext material. Procedural controls and Operations Policies explicitly preclude activity in support of these pursuits, with many layers of protection, auditing, alarming, and management.
Cloud key disclosure insufficient for access to end-user plaintext content
Except as noted above, under very specific conditions and using the exception Operating Mode that is not available by default, managed plaintext data is not available even with complete, pervasive access to all KODiAC Cloud Service content over all time. This precludes government agencies from executing legal orders that ask cloud service operators to disclose keys so that the agency can then surveil customer data without the knowledge of the Data Owner.
Theoretical host isolation of managed data
Plaintext data cannot be recovered even with pervasive host computer access, over all time, when targeting a DefiniSec-managed data component that was received but never accessed in plaintext form on the target host computer – provided that the Data Owner and all sharing peers require fine-grained 2FA, and that the attacker does not gain access to the 2FA token before the Account or 2FA token is disabled by cloud service operators.
KODiAC: Stored plaintext content
Through the normal course of using SSProtect, anchored by KODiAC Cloud Services, Non-Privileged and Privileged SSProtect Account/User activity is stored by virtue of the auditing built in to every operation, for the purposes of Reporting (with and without Analysis).
Usage audit records mostly in plaintext form
Audit record data is generally stored in plaintext form, though source Filename content is in most (but not all) cases encrypted using keying material accessible only to Organization Account holders, on host computers separated from KODiAC Cloud Service resources.
Usage audit records not readily available to operations personnel
SaaS operations personnel lack any suitable method for easily gaining access to this content. It is managed by distributed database clusters that utilize proprietary global replication, such that content can be accessed only according to Replication Policy, only by authorized SSProtect Account holders under the appropriate Policy-based circumstances, and only using the :Foundation Client software.
Usage audit records lack Third Party Trust sharing capabilities or controls
Report activity is not available to Third Party Trusts, whether authorized or unauthorized, nor to operations personnel. The one exception is by design and purposed as part of :Respond Disclosure Risk Reporting, which produces a report for all Third Party Trust members who have content scoped by :Respond Analysis Report results. These Reports are not shared with Third Party teams, however, until they have been reviewed by the Data Owner or associated Privileged Organization Account holders and specifically Released for Third Party visibility.
KODiAC: Managed Content Sharing
KODiAC Cloud Services personnel lack the tools to manipulate stored content in any attempt to authorize Data Sharing beyond that defined by the Data Owner (and associated SSProtect Organization). This is a theoretical barrier resulting from the nature of patented cryptographic offloading, which assigns the related Privacy concerns to the control of the managing party.
KODiAC: Data retention/ destruction
Audit data and managed content specific to the use of SSProtect is maintained for the lifetime of the managing Organization’s License (or the Account’s License, for Individual use), followed by an additional (re)configurable Grace period of 7 days and a final (re)configurable Gap period of 7 days. These controls prevent operations personnel from using the management facilities that remove an Organization and all of its managed content before that time. Earlier removal would require sabotage by operations staff, working through multiple layers of protective access provisions based on extensive data access Policies. These Policies are in place to ensure that any such sabotage would be practically impossible, and very limited in effect even if the required fundamental access to raw storage were achieved without question from the required oversight party members.
Data Destruction by Authorized End-Users
An authorized SSProtect customer acting on malicious “Insider Threat” intent has no :Foundation Client control facility, API call, or mechanism through which to destroy data: Client/User Data Delete is not implemented at any level except the lowest-level raw storage removal logic, which is executed only when service personnel are authorized after License expiration, as noted in the immediately following text.
Authorized Data Destruction by Operations
Data removal, even after the License, Grace, and Gap periods have expired, is a manual three-step process that requires:
- Removal of the Organization with internal operations software – these controls are not enabled until after the License expiration requirements are met
- Removal of the 2nd-order long-term :Recover content, if/when applicable (if an Organization never used :Recover, this is irrelevant)
- Removal of the 2nd-order backup :Recover content, unless, as noted, :Recover was never utilized by the Organization or its members
Even then, after the required system state is achieved and operations personnel execute the associated Organization Delete logic, multiple copies of interim state will exist, such that reconstruction could be achieved, though not without significant effort and/or disruption. This represents a healthy balance between unintended removal of content and, in dire circumstances, an ability to reconstruct content (which generally, and throughout the lifetime of any given Organization, exists as part of the progression to the state noted here). Note that reconstruction maintains theoretical plaintext isolation at all times, except when using the noted Operating Modes in the given specific circumstances.
v1.2; November 2nd, 2021