Circles of Trust™

www.cryptomill.com

Product Brief

CRYPTOMILL CYBERSECURITY SOLUTIONS

product overviewCircles of Trust™ is an enterprise security software system that eliminates the risks associated with data breaches from a hacker attack on any network, cloud, or email server; as well data leaks through lost or stolen devices.

Using CryptoMill Trust Boundaries technology, data is cryptographically bound to a select group of users and devices. Circles of Trust™ employs folder-centric file-level encryption to provide an intuitive “trusted-circle” access rights sharing capability. Once protected, the files can be shared and used by only members of the Circle. If a protected file ends up in the wrong hands (a non-Circle member), it is unreadable and unusable - it stays protected and cannot be decrypted.

Circles of Trust™ supports all file formats - no plugins required. It offers central management, multiple device sync, mobile device readers, and protection of files stored on the cloud.

Circles of Trust™ security capability is API-driven and can be integrated with existing business processes. Encryption can be automated so that any time sensitive data is exported, it is protected. You also have the ability to revoke access to any files anytime, anywhere.

Simple Workflow1. Create a Circle2. Add members and folders3. Share files through any meansOnly members can access protected documents

Key features• Prevents accidental data breaches• Protects data in the event of loss or theft• Seamless and transparent protection• Secure and easy group sharing• Online administration for ease of management

across company systems

Security Highlights• File-level persistent encryption• Stays secure even in cloud storage• Strong encryption using government-standard

AES cipher

Benefits• Secure sharing with project groups• Date expiry for documents• Track documents• Revoke access to documents• Seamless and transparent• No interruption to workflow• No additional passwords

OVE

RVIE

W

Alice can have a “Circle”

for each client.

p1

Alice

client Cclient A

Alice

client B

Alice

CRYPTOMILL CYBERSECURITY SOLUTIONS

technology

zero overhead key management

Our Key Management Server eliminates the need to store millions of keys. Keys are recomputed as needed based on environmental components.

• Mobility friendly - Fully functional when disconnected from the network

• Scalable - Secures any number of files, on multiple devices

• Reliable - Always recover access to encrypted items

trust boundaries

absolute data protection benefits

benefits

benefits

Cryptographically-enforced organizational perimeters limiting which people, PCs, mobile devices, and storage can share protected data.

• Data Protection - Privacy is always preserved by encryption

• Prevents Internal Breaches - Data can’t be accessed outside of a Circle

• Easy Group Sharing - Automatic access to data within a Circle

Circles of Trust™ files remain encrypted regardless of where they are stored. As a result, a user can safely store and view data at any time.

• File Level Security - Circles of Trust™ encrypts each individual file

• Security Everywhere - Remains encrypted on a computer, at rest, in the cloud or on mobile

• Seamless and Transparent - Allows user to work on files in their native application

Circles of Trust™ utilises CryptoMill’s unique technologies to ensure the highest standard of data security.

TECH

NO

LOG

Y

p2

CRYPTOMILL CYBERSECURITY SOLUTIONS

FEAT

URE

S

features

multiple device sync

logging and reporting

mobile device readers

central management protected cloud storage

A file protected by a Circle can be sent through cloud storage providers without losing its encryption, and it will still be accessible only only to the designated members of the Circle.Circles of Trust™ supports the following cloud storage providers:

Circles of Trust™ gives administrative privileges to trusted individuals, allowing for easy management of employees’ access levels using the Circles of Trust™ Management Console. Furthermore, each user can be given the ability to efficiently carry out commands within their created Circles such as:• Instant Invitations: New Circle members

can be invited immediately• Recovery: Circle data can be retrieved from

any member• Revocation: Excluding a member is easy• Logging & Reporting: Audit trail for sensitive

operations (Administration only)

User devices will be synced to their account, allowing for access to all of their Circles on any device. Any Circle related changes made on a user’s device result in an instant update to all other connected devices.

Circles of Trust collects detailed logs of events providing audit trails on user activities relating to Circles.

Circles of Trust™ is supported on iOS, Android, and Windows . This allows the user to have on-the-go secure access and management of all their protected data.

on premises key control

Cryptographic keys are kept on the customer premises - not in the Circles of Trust™ Management Console. This ensures only the user’s organization has access to the keys and data.

revocation

A user can be removed from a Circle at any time by an administrator, or an owner of the Circle, thus revoking their access privileges. Once privileges have been revoked, the user will no longer be able to access protected data, regardless of when they received a file.

Apple iCloudGoogle Drive

DropBox

p3

recovery time expiryRecovery of access to data is always available and only in the hands of the organization with the on-premise Key Management Server (KMS). When deployed in an enterprise, data is always accessible by the organization in which the circle exists.

RAD@R provides data-at-rest encryption to protect digital assets residing on servers. Uniquely, RAD@R also provides data-in-use protection: defending against attacks, remotely or locally, on back office servers & storage. RAD@R provides transparent decryption services for server

• At-rest / in-use encryption for live data on application servers

• Only authorized server processes can access protected data

User, administrator, or business processes can specify the time duration for which Circle members have access to encrypted files. Time expiry can be applied to individual files, or Circles. After the set time period, the member will no longer have access to the protected data. This applies even if they had previously downloaded a copy.

applications, without impacting functionality such as indexing, preview generation, etc.

RAD@R sits just underneath DMS middle tier, In between the DM manager and document storage system.

• Data loss prevention from any unwanted intruder or rogue administrator

• Existing server functionality preserved and unchanged (e.g. search & indexing)

CRYPTOMILL CYBERSECURITY SOLUTIONS

DAT

A-AT

-RES

T / A

CCES

SIN

G /

FEAT

URE

S

accessing encrypted assets

data-at-rest for servers - RAD@R

p4

Web View (Level 1)Trust View (Level 2)Trust Edit (Level 3)• No Download• Access through any browser

• No Install• Sandbox Viewer • No Export,

No Screen Capture

• Full Install• Edit and Collaborate

CRYPTOMILL CYBERSECURITY SOLUTIONS

architecture

ARCH

ITEC

TURE

/ O

N-P

REM

ISE

KMS

benefits• No keys or documents stored in the CoT Management Console• On-premise KMS provides instant onboarding and recovery• Web based Managment Console supports multiple administrators within the organization• Supports multiple user device platforms

CoT Client CoT ClientCoT Management Console

secure communications

facilitator

CoT Client KMS(CoT Key

Mgmt Server)

AD Server

Inside the Enterprise Firewall

Enterprise Network

on-premise key management server

The on-premise KMS with Circles of Trust™ is an ideal way to boost productivity while still keeping a tab on security.

TheKMS deployed in your organization provides instant onboarding of new Circle members and instant provisioning of new devices for existing members. It is your own private data security component, providing secure cryptographic key exchange to people that are granted membership into Circles.

The KMS is designed with a fail-safe switch which automatically locks down all protected data to a secure format the moment it loses power.

This enables system-wide backup capabilities to be safely applied and makes theft of data through physical attack virtually impossible.

benefits• Detailed logging and reporting for auditability

and traceability• Makes the key material available for

synchronization between users devices• Instant on boarding for invited users even

when Circle owner devices are offline• Enables enterprise-wide recovery• Integrates with Microsoft Active Directory

All your secrets stay safely under your control and you are guaranteed that security will not be compromised through any cloud-targeted attacks.

p5

CoTWebView

Server

CRYPTOMILL CYBERSECURITY SOLUTIONS

additional value

ADD

ITIO

NAL

VAL

UE

cryptographic access driven

The components of a key are divided among three environmental contributors:• Circle members• Circles of Trust™ credentials• The protected dataIf any of these components are missing, access to the file is prevented.

folder-centric classification

Circles of Trust™ works well with the user’s existing folder structure making it simple and intuitive. An end user can easily and naturally classify data based on their regular organization of files.

cloud file protection

Secure data syncing to the cloud allows a user to easily share a protected file across all of their devices. Even if a user’s cloud storage account is hacked or accessed by an outsider, the protected files that have been uploaded cannot be decrypted.

supports consumerization

Circles of Trust™ is a light footprint, compact software solution that works well with federated ID, resulting in minimal IT management. Its compatibility with multiple devices per user as well as mobile platforms allows it to integrate efficiently into any work environment.

secure cross border sharing

With Circles of Trust™, working as a team has never been easier. Ad hoc groups can be formed easily via Circles and files can be safely transferred through any means, whether it is by USB, email, or a cloud folder.

seamless access to protected files

Circles of Trust™ works with any file type and provides protection at the file system level. This seamless and transparent experience is based on virtualized access to encrypted files.

p6

CRYPTOMILL CYBERSECURITY SOLUTIONS

benefits

time expiry & revocation

data protection everywhere

no interruption to workflow

secure group sharing

seamless & transparent

no additional passwords

BEN

EFIT

S

p7

CRYPTOMILL CYBERSECURITY SOLUTIONS

secure group sharing

no additional passwords

secure data sharing in the cloud

Gene shares her sensitive design data with Hank who works at a specialty manufacturer via the cloud.

A network/cloud hacker gets unauthorized access to Gene’s account but is unable to read her protected data.

Hank Hank

Hacker ?!Gene

Hacker

Gene

WITHOUT Circles of Trust™ WITH Circles of Trust™

USE

CAS

ES

p8

control over shared assets

WITHOUT Circles of Trust™ WITH Circles of Trust™

use cases

Jennifer sends a project file for review to Ken, who is a partner at an external agency.

Ken at the reviewing agency can only view the project file preventing unauthorized copying, screen-capturing, and sharing.

Jennifer Ken Jennifer

View Only

Ken

Copy

CRYPTOMILL CYBERSECURITY SOLUTIONS

accidental data breaches via email

Alice emails a confidential project proposal to Bob Barker instead of her manager Bob Baker.

Circles of Trust™ prevents Bob Barker from reading the Circles of Trust protected files attached to the email.

lost usb drives

Alice misplaces a USB drive containing sensitive client data at work. Eve finds the USB.

Eve cannot access any Circles of Trust protected files on Alice’s USB drive.

Alice

Bob Barker

Bob Baker

WITHOUT Circles of Trust™

WITHOUT Circles of Trust™

WITH Circles of Trust™

WITH Circles of Trust™

?!

?!

Eve

Alice

Alice

Bob Barker

Bob Baker

Eve

Alice

USE

CAS

ES

p9

v 3.4 CRYPTOMILL CYBERSECURITY SOLUTIONS

about

CryptoMill Cybersecurity Solutions is an innovative security software company, with disruptive technologies that address security and privacy related issues from the edge to the cloud.

CryptoMill’s suite of security software products eliminate the risks associated with data breaches from a hacker attack on any network, cloud, or , email; as well as data leaks through lost or stolen devices.

contactCryptoMill Cybersecurity SolutionsSuite 301, 100 Front Street East, Toronto, Ontario, Canada, M5A 1E1Toll free: (855) 441 4333T: (416) 241 4333 ext. 101F: (416) 241 4333E: info@cryptomill.com

sales contactE: sales@cryptomill.com

connect with us

YouTube: http://www.youtube.com/user/CryptoMillTech

Facebook: https://www.facebook.com/CryptoMill

Twitter: https://twitter.com/CryptoMill

LinkedIn: http://www.linkedin.com/company/CryptoMill-Technologies

main red

PMS 1795CC0 M96 Y90 K2

YOUTUBE LOGO SPECS

PRINTgradient bottom

PMS 1815CC13 M96 Y81 K54

on dark backgroundson light backgrounds

standard

no gradients

watermark

stacked logo (for sharing only)

standard

no gradients

watermark

stacked logo (for sharing only)

white

WHITEC0 M0 Y0 K0

black

BLACKC100 M100 Y100 K100

p10

ABO

UT

Product Brief

www.cryptomill.com