Security Overview

Most services, such as Microsoft Office 365, Google, Box, and Dropbox rely upon having full access to your data. They assume they will be able to protect your data from cyber attacks. However despite the industry’s best efforts, these systems are compromised by attacks on passwords, admins and servers.
The National Security Agency now strongly recommends a Zero Trust approach to security which eliminates trust in any one element, node, or service by assuming that a breach is inevitable. PreVeil adheres to these principles and was architected from the ground up to secure information without solely relying on measures to keep hackers out.

PreVeil’s Data Security Principles

Fundamental Vulnerability

Server Attacks

Even with encryption in transit and at-rest, networks and servers can be compromised. Attackers can decrypt and read an entire organization’s emails and files.

PreVeil Security

End-to-End Encryption

End-to-end encryption ensures that information is encrypted and decrypted only on users’ devices. Even when an attacker compromises the server, they only get gibberish. Nobody but the intended recipient, not even PreVeil, can read users’ messages and files.

Fundamental Vulnerability

Password Compromises

Passwords are a headache for users and create a significant security risk – they are routinely phished, guessed, or stolen. Compromised passwords are used for unauthorized access, escalating privileges or  impersonating a user’s identity.

PreVeil Security

Secret Keys

PreVeil users don’t need to remember or manage passwords. Access to accounts is protected by secret encryption keys that are only stored on user devices. Unlike passwords, these keys can’t be guessed or stolen. Even if all your passwords are stolen, your PreVeil account will remain secure.

Fundamental Vulnerability

Administrator Breaches

Hijacked or rogue administrators represent a significant risk because they have broad privileges to access an enterprise’s information. A single compromised administrator can give attackers access to an entire organization’s email and files.

PreVeil Security

Approval Groups

PreVeil’s Approval Groups™ cryptographically distribute trust across a predetermined set of admins, so that no single person can compromise the entire enterprise. Administrators can still gain full access to corporate data for governance or compliance, but only after receiving authorization from a set of approvers.

Fundamental Vulnerability

Phishing & Spoofing Emails

Most devastating attacks are initiated by hackers using email to phish or spoof targeted users. The information gained is then used to compromise sensitive and valuable corporate data.

PreVeil Security

Trusted Communities

PreVeil Trusted Communities allow administrators to restrict communication to white-listed domains and email addresses.  This ensures that only members of a trusted community can exchange email and files, virtually eliminating phishing and spoofing attacks.