In an increasingly hostile cyber environment it becomes more and more important to implement file security technologies that effectively deny exploitation of hacked data files. One of the more impressive products filling that need comes from Trivalent, an Annapolis, MD technology firm, exhibiting at SOFIC 2017 in Tampa, FL. The company developed three security platforms: Trivalent Protect, Trivalent Protect Apps and Trivalent Protect SDK. Currently, Trivalent is the only NIAP-approved and FIPS 140-2 certified file-level cryptographic software solution that is not only fully scalable, but integrates seamlessly with any existing or legacy technology.
In order to fully appreciate just how elegant Trivalent’s solution is, it’s necessary to have a general understanding of how data is stored and organized on your computer’s hard drive; that job falls to the computer’s operating system, for example Windows.
When you create a document or spreadsheet, or update a relational database, the operating system creates an index. That index points to the hard drive sectors that contain the file. Unlike an LP of Mozart’s chamber music, where the entire audio impression is contiguous, a computer file can be broken up and stored in any number of available sectors of the hard drive. The more dispersed the file is, the more fragmented the drive is. When a file is “deleted”, the operating system deletes the index entry but the file fragments remain on the hard drive. This is how law enforcement can retrieve data from a hard drive that has been erased.
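The index-and-sectors behaviour described above can be seen in a small model. This is an added example, not code from the article or from Trivalent; the `ToyDisk` class, the file names and the file contents are constructed for illustration, and the sector-overwriting delete is shown only as the usual contrast to an ordinary delete.

```python
SECTOR = 8  # bytes per sector in this toy model


class ToyDisk:
    def __init__(self, sectors=16):
        self.raw = bytearray(SECTOR * sectors)  # sector contents
        self.index = {}                         # name -> (sector list, length)
        self.free = list(range(sectors))

    def write(self, name, data, layout):
        """Store data in the given free sectors, which need not be adjacent."""
        chunks = [data[i:i + SECTOR] for i in range(0, len(data), SECTOR)]
        assert len(chunks) == len(layout) and all(s in self.free for s in layout)
        for sector, chunk in zip(layout, chunks):
            start = sector * SECTOR
            self.raw[start:start + len(chunk)] = chunk
            self.free.remove(sector)
        self.index[name] = (list(layout), len(data))

    def read(self, name):
        """Follow the index to reassemble the file in the right order."""
        sectors, length = self.index[name]
        parts = [bytes(self.raw[s * SECTOR:(s + 1) * SECTOR]) for s in sectors]
        return b"".join(parts)[:length]

    def delete(self, name):
        """Ordinary delete: drop the index entry, leave sector contents alone."""
        sectors, _ = self.index.pop(name)
        self.free.extend(sectors)

    def wipe_delete(self, name):
        """Overwrite every sector with zeros, then drop the index entry."""
        for s in self.index[name][0]:
            self.raw[s * SECTOR:(s + 1) * SECTOR] = bytes(SECTOR)
        self.delete(name)

    def residual(self, needle):
        """Scan raw sectors without the index, as a recovery tool would."""
        return needle in bytes(self.raw)


def demo():
    disk = ToyDisk()
    disk.write("plan.txt", b"ACCT=4417;PIN=90", layout=[11, 3])  # fragmented
    disk.write("memo.txt", b"KEY=swordfish!!!", layout=[5, 6])
    disk.delete("plan.txt")       # index entry gone, bytes still in sector 3
    disk.wipe_delete("memo.txt")  # sectors zeroed before the entry is dropped
    return ("plan.txt" in disk.index,
            disk.residual(b"PIN=90"), disk.residual(b"swordfish"))


if __name__ == "__main__":
    print(demo())
```

The raw scan still finds part of the ordinarily deleted file, while the overwritten file leaves nothing to find.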
There are a number of hacks to contend with; one that is frequently employed functions as follows. The hacker installs software on your computer. Once installed, the software creates a virtual private network with the hacker and allows him or her to tunnel into your computer or laptop. The hacker is then able to FTP the contents of your entire hard drive. These attacks usually occur when a computer user clicks on an unknown link or is fooled by a phishing e-mail.
Trivalent’s file-level encryption solutions achieve several differentiating levels of protection. The company’s security software installs on a PC or laptop as a driver. Once installed, their software provides data security through three layers of cascading encryption keys, which are shredded along with the files. Their separate authentication serves as an additional countermeasure against hackers attempting to gain access at the file level.
Trivalent’s software sits between your application, for example Excel or Word, and the system’s persistent memory (its hard drive). It captures the data generated by the application, encrypts and shreds the information, and disperses those data shreds across that storage. The technique prevents exploitation of the data by exfiltration software. The end result is that the data is not stored as a whole, preventing attribution of the shreds and eliminating the possibility of recombining identifiable data. It’s also very important to note that processing your application’s data occurs without any significant amount of latency, even for video streams!
Trivalent’s technology operates outside of the computer’s own operating system; ergo, customary data recovery is not possible. Even if the entire contents of the hard drive were copied, there would be no way to recombine the encrypted data and exploit its content.
I’m a big proponent of using biometric data to generate encryption keys, so I put that question to Eric Damon, Trivalent’s Director of Government Sales, and Joe Tuck, Trivalent’s Solution Engineer. Presently the company’s software does not support biometric key generation, but rest assured their key generation and management is every bit as robust as their software. Trivalent’s security solutions are scalable and easily deployed enterprise-wide.
I want to leave you with a thought. You cannot rely on solutions like “BleachBit”, which is freeware downloadable from an internet site. BleachBit will hijack your web browser and expose you to malware. I call it an infectious vector. If you are an IT Director who allows users and technical staff to use downloadable freeware, you should find another way to earn a living.
In closing, I was extremely impressed with the company’s approach, its product and the folks behind them. If data security is of concern to you, I strongly suggest you contact Trivalent to arrange a demonstration. They are offering a real-time solution to a real-time problem that is proving to be increasingly difficult to manage.