PreVeil Zero Trust Security

Security Overview

The National Security Agency now strongly recommends a Zero Trust approach to security which eliminates trust in any one element, node, or service by assuming that a breach is inevitable. PreVeil adheres to these principles and was architected from the ground up to secure information without solely relying on measures to keep hackers out.

Server Attacks

Even with encryption in transit and at-rest, networks and servers can be compromised. Attackers can decrypt and read an entire organization’s emails and files.

End-to-End Encryption

End-to-end encryption ensures that information is encrypted and decrypted only on users’ devices. Even when an attacker compromises the server, they only get gibberish. Nobody but the intended recipient, not even PreVeil, can read users’ messages and files.

Password Compromises

Passwords are a headache for users and create a significant security risk – they are routinely phished, guessed, or stolen. Compromised passwords are used for unauthorized access, escalating privileges or  impersonating a user’s identity.

Secret Keys

PreVeil users don’t need to remember or manage passwords. Access to accounts is protected by secret encryption keys that are only stored on user devices. Unlike passwords, these keys can’t be guessed or stolen. Even if all your passwords are stolen, your PreVeil account will remain secure.

Administrator Breaches

Hijacked or rogue administrators represent a significant risk because they have broad privileges to access an enterprise’s information. A single compromised administrator can give attackers access to an entire organization’s email and files.

Approval Groups

PreVeil’s Approval Groups™ cryptographically distribute trust across a predetermined set of admins, so that no single person can compromise the entire enterprise. Administrators can still gain full access to corporate data for governance or compliance, but only after receiving authorization from a set of approvers.

Phishing & Spoofing Emails

Most devastating attacks are initiated by hackers using email to phish or spoof targeted users. The information gained is then used to compromise sensitive and valuable corporate data.

Trusted Communities

PreVeil Trusted Communities allow administrators to restrict communication to white-listed domains and email addresses.  This ensures that only members of a trusted community can exchange email and files, virtually eliminating phishing and spoofing attacks.