for our 12/13 webinar (1PM ET) with leading cyber attorney Robert Metzger on the risks of not complying with DFARS 7012 & CMMC
Our CMMC whitepaper has helped over 2000 defense contractors jumpstart their compliance journey. Check out our updated version for CMMC 2.0.
Most services, such as Microsoft Office 365, Google, Box, and Dropbox rely upon having full access to your data. They assume they will be able to protect your data from cyber attacks. However despite the industry’s best efforts, these systems are compromised by attacks on passwords, admins and servers.
The National Security Agency now strongly recommends a Zero Trust approach to security which eliminates trust in any one element, node, or service by assuming that a breach is inevitable. PreVeil adheres to these principles and was architected from the ground up to secure information without solely relying on measures to keep hackers out.
Even with encryption in transit and at-rest, networks and servers can be compromised. Attackers can decrypt and read an entire organization’s emails and files.
End-to-end encryption ensures that information is encrypted and decrypted only on users’ devices. Even when an attacker compromises the server, they only get gibberish. Nobody but the intended recipient, not even PreVeil, can read users’ messages and files.
Passwords are a headache for users and create a significant security risk – they are routinely phished, guessed, or stolen. Compromised passwords are used for unauthorized access, escalating privileges or impersonating a user’s identity.
PreVeil users don’t need to remember or manage passwords. Access to accounts is protected by secret encryption keys that are only stored on user devices. Unlike passwords, these keys can’t be guessed or stolen. Even if all your passwords are stolen, your PreVeil account will remain secure.
Hijacked or rogue administrators represent a significant risk because they have broad privileges to access an enterprise’s information. A single compromised administrator can give attackers access to an entire organization’s email and files.
PreVeil’s Approval Groups™ cryptographically distribute trust across a predetermined set of admins, so that no single person can compromise the entire enterprise. Administrators can still gain full access to corporate data for governance or compliance, but only after receiving authorization from a set of approvers.
Most devastating attacks are initiated by hackers using email to phish or spoof targeted users. The information gained is then used to compromise sensitive and valuable corporate data.
PreVeil Trusted Communities allow administrators to restrict communication to white-listed domains and email addresses. This ensures that only members of a trusted community can exchange email and files, virtually eliminating phishing and spoofing attacks.