Keys? We don't need no keys. How to share and encrypt without sharing the key.
So many keys, so little time
One of the big barriers to encryption is key management. You need a strong, random, hard-to-guess key that both parties know, you need to share this key with the other party, and you need to store it somewhere safe. Managing all of this is a serious impediment to widespread adoption of encryption.
Any security-focused app that wants to be successful needs a user experience that hides many of the steps needed to secure data while still securing the data. Even more importantly, you need to take the decision whether or not to encrypt out of the hands of your team by making it seamless and transparent.
With DropVault we try to address the issue of managing your keys: we let you share conversations and documents with anyone without ever sharing the encryption key.
How does this work?
When you create a channel and choose an encryption key, we also create a password. For every user you invite to access the channel, we also create a unique password for them. This password is one of the pieces needed to access the key.
The important piece is that the key itself is never shared.
Why does this make a difference?
By just having a password for each user, we are keeping the key secret. This improves security and also means that when a user or customer leaves or no longer requires access to the channel, you simply remove the invite (and password). They walk away with no knowledge of the key itself.
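One way the per-user password scheme described above could be built, as an added example that is not DropVault's code: each invite stores the channel key wrapped under a key derived from that user's password, so revoking access means deleting one wrapped copy. The `Channel` class, its method names and the PBKDF2 iteration count are assumptions, and the XOR-plus-HMAC wrap is a standard-library stand-in for AES key wrap or an AEAD cipher.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)

def _derive(password, salt):
    """Stretch a password into a one-time 32-byte mask and a separate MAC key."""
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return (hmac.new(kek, b"mask", hashlib.sha256).digest(),
            hmac.new(kek, b"mac", hashlib.sha256).digest())

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Channel:
    def __init__(self):
        self.invites = {}  # user -> (salt, wrapped_key, tag); no raw key is stored

    @classmethod
    def create(cls, owner):
        channel = cls()
        return channel, channel._wrap(owner, secrets.token_bytes(32))

    def _wrap(self, user, key):
        password = secrets.token_urlsafe(16)
        salt = secrets.token_bytes(16)  # fresh per invite, so a mask is never reused
        mask, mac_key = _derive(password, salt)
        wrapped = _xor(key, mask)
        tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
        self.invites[user] = (salt, wrapped, tag)
        return password

    def unlock(self, user, password):
        """Return the channel key for server-side use, or None if access is denied."""
        if user not in self.invites:
            return None
        salt, wrapped, tag = self.invites[user]
        mask, mac_key = _derive(password, salt)
        expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
        return _xor(wrapped, mask) if hmac.compare_digest(tag, expected) else None

    def invite(self, inviter, inviter_password, new_user):
        """Re-wrap the key for new_user; returns their new password, or None."""
        key = self.unlock(inviter, inviter_password)
        return None if key is None else self._wrap(new_user, key)

    def revoke(self, user):
        self.invites.pop(user, None)  # the channel key itself is unchanged
```

Revocation only holds in this sketch because `unlock` is meant to run on the service side and the raw key is never handed to the user's device.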
Keys? We don’t need no keys
Any communication with another party or person will likely involve more than one message, so generating and sharing a key for each message would be an administrative nightmare and a user experience killer.
So we address this by grouping all communications (or conversations) with another party into a channel and then securing the channel with the key and the password.
By just having a password (and two-factor authentication/FIDO/YubiKey) the user experience is much better. Just invite someone to the channel, give them their password and DropVault automatically decrypts all the conversations and documents in the channel. It can be one conversation or 100 conversations, with or without documents, yet every single one is encrypted and secured.
Because the user is already in the channel and authenticated, adding a new conversation or document is simple and the encryption is transparent. Just add or reply, attach your documents and save. In the background, DropVault encrypts and adds it to the channel.
We don't need to ask for any keys or passwords to save or send. That's a user experience that makes your team share securely by default.
You now have a highly secure way to share encrypted conversations and documents while keeping the user experience as good as it can get.
- You also make your documents more secure because you never compromise the key – this is always held by the business and never by the user that is accessing the content.
- You can revoke access at any time – The key never needs to be changed because it’s never been shared.
- By keeping conversations inside a secured channel, you allow the user to interact and view any message or document without the need to manage keys for each message. This increases productivity and time in the app while ensuring security.
- With the entire channel being secured, the decision to secure a message or document is no longer a choice for the user. This is security by default and makes you sharing