High-speed file security is available in a secure environment protected from most network access.
We produce high-quality enterprise-class HSM products.
Our products are designed for IT departments to enforce risk reduction of leaks if private files are stolen.
Our cryptographic algorithms rest on a solid foundation of object substitution and permutation.
Our algorithms make use of cryptographic-quality random 384-bit symmetric keys.
Kryptera RNG Test01 Crush Test Results
The keys are randomly drawn from several large encrypted containers of generated cryptographic-quality random objects.
The container and position within that container are both randomly selected.
A key is drawn from the selected container, decrypted then is randomly changed (mutated).
The processing cycle begins.
The result is a uniquely encrypted file that can only be decrypted using the same server.
It may be possible, though often unfeasible, to stop file theft by attackers gaining access to computers, mobile devices, networks, servers, and cloud storage, flawed operating systems and software applications, insecure backups, and back doors in hardware and software.
Private files have been stolen, are being stolen, and will be stolen.
Leaks and improper use of private files occur every day.
Kryptera HSMs are a secure turnkey solution that embraces server-side file processing.
Processing to automate encryption and decryption of files including files within complex directory chains.
Full automation is possible through scripting, server configuration, and use within a private network.
Kryptera HSMs provide high-speed mass processing and queuing of files and directories.
Kryptera HSMs are autonomous. They do not communicate with external networks, do not require external private key management, and manage private keys internally in a secure and unique manner.
Kryptera HSMs are inventive and disruptive.
Kryptera makes complex simple.
After that we'll provide details about our HSM solutions that will permanently alter your reality for the better.
Our solutions are inventive.
We created completely new hardware security module solutions.
A new approach with a new design using all new proven technology to make it all come together.
Our solutions were designed to simplify encryption and decryption of files.
Simplify to remove obstructions that prevent organizations from protecting their most valuable assets.
Our products provide IT departments with control over file security rather than rely on provision of a PKCS #11-compliant API.
We’re facing a very serious crisis today that is not going away
The problem is cybercrime, and more specifically, the rapid growth of insider breaches.
The problem is getting worse, not better, with global losses approaching $3 trillion a year.
A key to the problem lies with current forms of encryption that require users to retain and manage passwords, passphrases and private keys.
Some organizations are now managing millions of encryption keys.
This has resulted in:
Kryptera HSMs come to the rescue, with a breakthrough approach to encryption of private files.
Kryptera's high speed mass encryption uses a unique method of internal key management.
Kryptera supports processing of many files, even within complex directory chains, at the very same time.
So no more excuses, no more hassles, no more reason for organizations to:
So why rely on obsolete encryption methods?
Kryptera has a brand new key that can help you stop leaks of private files and manage the insider threat crisis.
This list will confirm the validity of claims we make that relates to risks.
Please share this list with subject matter experts within your organization to determine risk levels and exposure.
Criminal employees may work alone or report to:
Insider breaches have been increasing year after year. Today, over 60% of reported losses now come from within. Most losses are not reported.
It is simply too easy to steal from inside without being caught. The main culprits are trusted insiders, often unvetted by HR. Even ordinary employees can cause serious security breaches.
Debts | Obligations | Legal Issues | Blackmail |
Addiction | Illness | Beliefs | Hatred |
Greed | Control | Justice | Vengeance |
Jealousy | Envy | Pride | Gullibility |
Fear of suffering | Opportunity | Grudges | False news |
New employees are often provided with a computer that connects to internal and external networks.
Many employees are given access to email, private storage areas, shared resources, an Intranet site, and remote VPN access.
Smartphones may be provided, or the use of personal smartphones encouraged.
Organizations rarely monitor access to R&D, database administration, network administration, and critical roles in IT, support, finance, sales and marketing.
Criminals can work at these levels and be trusted, can operate beneath the radar and do things that can prove impossible to detect or stop.
They steal confidential files with impunity, insert back-doors, and destroy anything they want.
Employees familiar with the Darknet can unleash destructive events.
Providers of malware, ransomware and DDoS attacks found in the Darknet will attack an organization at low cost. Providers share revenue or pay for information to simplify attacks. Buyers will pay for stolen files and private information. The Darknet is available through the Internet, and accessed using the Tor network.
Here are the 10 most common pieces of information sold on the dark web and the general range of what they're worth—or rather can sell for:
Attacks are levied in retaliation for perceived grievances, to bring down a competitor, silence opposition, stifle contrary information, make money or simply to cause chaos.
Attacks can create high-paying work for people associated with an attacked organization. An internal criminal can leverage internal chaos to steal and transport private files and information.
To steal digital data requires access to files and information, temporary storage to house stolen files, and methods of transport for stolen files.
Intelligent criminals can easily:
Criminals can copy or steal files:
To gain full access, criminals can:
This is an effective way to gain full access to drive contents without an account or password
Organizations can also encrypt internal storage to prevent plaintext copying to USB storage. Encrypted storage is only secure after it has been powered down.
To avoid detection, insider criminals can transport stolen files from original sources, leaving fewer traces behind.
They can clean traces of their activity to prevent detection, and securely erase files after transport.
By defragmenting internal storage, they can overwrite sectors previously used by stolen files.
Insider criminals can leave traces behind. Shared network logs should be reviewed to check if employees are copying too many files.
Traces will be left behind if internal storage placed is in a USB case is accessed on a Windows or Macintosh computer. This is prevented by using a Unix or Linux computer, or by using a USB case that includes a read-only switch to prevent writes.
It is common for employees to set up Cloud space without authorization from the IT department.
Once set up, original private files can be directly transferred into Cloud space.
This can lead to long term problems for the organization. When original private files are present in Cloud space, the risk is high that security will become an issue.
Smartphones are major security risks.
Most smartphone applications are highly invasive, and malware infection is extremely common.
Rogue applications can capture keystrokes, audio, video, still images, screen captures, web activity, telephone calls, and most other forms of communications.
Smartphones can be connected to computers using a cable, WiFi, Bluetooth, and Near Field Communication (NFC).
SIM cards can be changed to communicate over alternate carrier networks.
Methods abound to transport stolen files and information using smartphones.
Technology provided by Amazon, Apple, Cisco, Facebook, Google, Microsoft, Samsung and others present security and privacy risks to users.
Each have created technology that records and retains private conversations and actions.
Some retain video, audio, and telephone conversations. Most retain location and other private information.
Some permit staff to review stolen recordings, where another relies on staff to transcribe stolen recordings.
Organizations should avoid relying on technology that creates internal security issues.
It’s hard to accept that people you trust and respect, that you work with and spend time with, are criminals.
Criminals who steal and leak private information do not care about the destruction they cause.
Kryptera Technologies has created the Enterprise and Mirage product lines.
Both products share features such as manual or automated high speed encryption and decryption of many files at the same time with internal private key management.
File encryption, with regularly scheduled encrypted backups, are the major ways to defeat leaks of stolen files, and associated loss.
Kryptera technology is directed to these ends.
We're pessimistic.
Dedicated thieves will always find ways to steal and transport what they want and little can be done to stop it. But Kryptera offers a simple solution to stopping leaks:
With Kryptera in operation, there is no way thieves can decrypt a file without access to the same Kryptera server, or the same secure group of Kryptera servers, used to encrypt the file.
Kryptera products are designed to simplify encryption/decryption.
We make complex simple. And simplicity removes any reasons to avoid encryption of valuable private files.
Each product is provided on a turnkey network server that has been securely customized for client use.
Kryptera servers efficiently reduce the risk of leaks through high-speed mass encryption of many files and directories of files at the same time.
Our design allows for queuing up of an unlimited number of files and directories for processing.
Files are randomly and securely encrypted.
Encrypted files normally cannot be decrypted on a different Kryptera server.
One scenario can correct a widespread security fault where original private files have been directly stored in Cloud space and are subject to leaks on Cloud breach.
Using two Encrypted File Sharing (EFS) servers will correct this problem:
A Kryptera server hosted in a private network is used to decrypt files brought down from Cloud space, and encrypt files before transport into Cloud space.
This design minimizes risks of Cloud breaches leading to leaks.
Original files, including complex directories, that are stored in Cloud space will be mass-encrypted using the virtualized EFS server.
Available cores and memory, and speed of storage on the virtualized EFS server determine how quickly files can be encrypted.
Automated processing can occur 24/7.
As processing completes, original files and directories can be replaceed with the encrypted versions.
The virtualized Kryptera server is then destroyed after all files and directories have been encrypted.
For example, an administrator can create one to many departmental servers where each unique server is used to encrypt files that cannot be decrypted by other departments.
One to many managerial servers can then be set up to decrypt encrypted files from one to all departmental servers.
Managerial servers can encrypt files that cannot be decrypted by any other server within the organization, unless the hierarchy allows it.
Sharing of queues can automate encryption of archival backups prior to storage.
The archival backup would be written to a mounted input queue. The archive is encrypted then moved to a shared output queue directory used as a source for final storage to tape, NAS or cloud.
The Enterprise code base can be used to create products that will operate on large capacity servers and computers down to extremely small computers and devices.
While both product lines encrypt and decrypt files of any size, Mirage is three times faster than Enterprise when tested on identical hardware.
Mirage is best for critical processes that require real time encryption such as post-production movies, CCTV feeds, and database backups.
We are retricted by a Non-Disclosure Agreement (NDA) on what information we can provide.
Sibylline was used on a Flat Panel Detector that is used for X-Ray imaging.
Embedded firmware on each FPD utilizes Sibylline to encrypt X-Ray scanned images before they are written to storage media.
The embedded hardware does not provide support for AES-NI at a hardware level.
AES software processing is extremely slow on the embedded hardware due to the complexity of the algorithm.
Sibylline processing is fast on the embedded hardware.
Sibylline was incorporated into an associated Windows 64-bit Software Development Kit (SDK).
The SDK is used to decrypt images provided by the FPD.
Sibylline was designed for anonomous encryption and decryption of images.
The FPD has no knowledge of the computer (SDK) used to decrypt images.
The SDK has no knowledge of the FPD used to encrypt images.
Encrypted images cannot be decrypted without use of the SDK.
We have reconfigured computers and servers to bypass security, restrictions and monitoring, and have cleared all traces of activity. We have also developed software that relates to NTFS ADS and direct sector writes.
We can help you to reduce internal risks, and isolate related problems.
Copyright © Kryptera