Filling the cybersecurity gaps

Filling the cybersecurity gaps

Protection is only effective when it’s applied at the most granular level, everywhere, and all of the time. This means your Data – whether it’s on your endpoints, in your cloud service, or even with others as email. The SecureAge Security Suite offers a complete and proven solution for everyday enterprise security needs.

This is evidenced by our 19-year history of ZERO plain Data breaches with organisations of all size and our unique ability to protect ALL types of Data, whether in-transit, in-use, or at-rest.
wave

What makes the SecureAge Security Suite different?

Through time-tested file encryption technology and design, the SecureAge Security Suite achieves Data protection with a careful balance of 100% Data security, application integrity, and real-world usability.
wave
Proactive Data security
Ensuring Data protection is pervasive and persistent, SecureAge’s file encryption technology comprehensively closes ALL security gaps to achieve 100% protection across every file, every place, and every time.
wave
Intuitive application integrity
Application binding and application control ensure that your Data is only accessed by trusted applications and for specific purposes. Protected Data and protected applications – a complete and proven combination.
wave
Real-world usability
No solution works without accounting for the human element and our approach is to remove it completely. Inherent and invisible by design, our solution allows employees to work as they normally would without even thinking about cybersecurity.

Two pillars of the Suite: SecureData and SecureEmail

SecureData
Secure Data Watch the video
  • SecureData file encryption technology automatically protects every file, every place, every time
  • Application binding to minimise Data loss during a zero-day attack
  • Security Suite for cross-platform secures your Data, on the go
  • SecureAge Security Management Server centrally manages and deploys user profiles and policies (subject to a minimum number of licenses)
Protecting information means securing its most common shape and basic element - the Data file. Running invisibly at the endpoint, it persistently encrypts, protecting each individual file, whether in use, stored, lost or stolen. It works seamlessly with your workflows by employing a seamless PKI-based encryption.
SecureEmail
Email Security Watch the video
  • Unlimited key history to make archived email accessible
  • Policy-based controls to determine how email is sent, stored, forwarded or replied to
  • Seamless plugins for common email tools including Microsoft Outlook and HCL Notes
  • Password service for email blasts (eg: sending bills and statements)
  • SecureAge Security Management Server centrally manages and deploys user profiles and policies (subject to a minimum number of licenses)
Encrypting email should be as easy as sending email - intuitive and accessible to everyone. Through an invisible and non-intrusive key management for email, authenticity and privacy are maintained without any need for training, and without changing the way your team sends and receives email.

The extended Suite combines protection for Data and Email with

  • SecureDisk
    to flexibly encrypt full-disks for authorised users
    SecureDisk Watch the video
    • Create and mount virtual disks on all Windows platforms
    • Simply drag and drop to encrypt and decrypt shared files
    • Authenticate and control with digital signing for added security 
    • Flexibly manage multiple volumes at preferred sizes
    This feature creates and manages virtual disks with volume encryption on any Windows laptop, desktop, network server, or storage device. ALL files stored in the secure disk volume are encrypted and fully protected while remaining entirely hidden from view. With SecureDisk you get all the benefits of Full Disk Encryption (FDE) but with the flexibility of multiple volumes at your preferred sizes.
  • DRM and digital signing
    to verify Data integrity and authenticity of sender
    DRM and Digital Signing Watch the video
    • Securely sign documents so recipients can be assured they are from the original sender
    • Permanently delete documents without leaving a trace
    • Built-in key and signature management

    This is a comprehensive PKI-based feature that secures ALL files with 256-bit AES (Advanced Encryption Standard) file encryption, digital signing and digital rights management (DRM). ALL files are protected from unwanted tampering and interception ensuring privacy, integrity, and authenticity.

  • Application control
    to ensure only trusted applications are allowed to run
    • Administrative oversight over control of trusted applications
    • Allows customized configurations for granular policy settings
    The block-first approach ensures any unauthorised application can do no harm until they are identified and cleared to execute.
  • Cloud storage
    to safely access your Data anywhere, anytime and from any device
    • Non-reliance on cloud vendors for the protection of your Data
    • Persistent and pervasive protection of files moved to GSuite, Office365, Dropbox, OneDrive
    Securely drop, share, store, and manipulate. Maintain control of your Data in the cloud in one seamless environment.
SecureDisk Watch the video
  • Create and mount virtual disks on all Windows platforms
  • Simply drag and drop to encrypt and decrypt shared files
  • Authenticate and control with digital signing for added security 
  • Flexibly manage multiple volumes at preferred sizes
This feature creates and manages virtual disks with volume encryption on any Windows laptop, desktop, network server, or storage device. ALL files stored in the secure disk volume are encrypted and fully protected while remaining entirely hidden from view. With SecureDisk you get all the benefits of Full Disk Encryption (FDE) but with the flexibility of multiple volumes at your preferred sizes.
DRM and Digital Signing Watch the video
  • Securely sign documents so recipients can be assured they are from the original sender
  • Permanently delete documents without leaving a trace
  • Built-in key and signature management

This is a comprehensive PKI-based feature that secures ALL files with 256-bit AES (Advanced Encryption Standard) file encryption, digital signing and digital rights management (DRM). ALL files are protected from unwanted tampering and interception ensuring privacy, integrity, and authenticity.

  • Administrative oversight over control of trusted applications
  • Allows customized configurations for granular policy settings
The block-first approach ensures any unauthorised application can do no harm until they are identified and cleared to execute.
  • Non-reliance on cloud vendors for the protection of your Data
  • Persistent and pervasive protection of files moved to GSuite, Office365, Dropbox, OneDrive
Securely drop, share, store, and manipulate. Maintain control of your Data in the cloud in one seamless environment.
loading...
loading...

All in one centralised dashboard

  • Complete solutions require flexibility, audit logs, and simple key management.
    Meet our Security Management Server.

    Security policies
    Security policies

    Not every endpoint needs the same level of security so with the Security Management Server you can configure how the SecureAge Security Suite runs from an on-premise central admin console. For instance, you can create a policy as a default for your entire organisation, create a tighter one for R&D or finance, and set a flexible one for marketing.

    Audit logs
    Audit logs

    With the Security Management Server you can keep a record of all security events on your endpoints and allow administrators immediate access to the logs via an on-premise admin console for further insight. This feature also includes forensic analysis and historical tracing.

    Users and roles
    Users and roles

    The Security Management Server allows you to create multiple users and groups with varying security access rights. This ensures only your security management team has access to the on-premise central admin console.

    Certificates and keys
    Certificates and keys

    The creation, management and revocation of encryption keys and digital certificates can be a tedious and time consuming task. With the Security Management Server this process becomes easier for organisations to manage.

Complete solutions require flexibility, audit logs, and simple key management.
Meet our Security Management Server.

  • Security policies
    Security policies
    Security policies

    Not every endpoint needs the same level of security so with the Security Management Server you can configure how the SecureAge Security Suite runs from an on-premise central admin console. For instance, you can create a policy as a default for your entire organisation, create a tighter one for R&D or finance, and set a flexible one for marketing.

  • Audit logs
    Audit logs
    Audit logs

    With the Security Management Server you can keep a record of all security events on your endpoints and allow administrators immediate access to the logs via an on-premise admin console for further insight. This feature also includes forensic analysis and historical tracing.

  • Users and roles
    Users and roles
    Users and roles

    The Security Management Server allows you to create multiple users and groups with varying security access rights. This ensures only your security management team has access to the on-premise central admin console.

  • Certificates and keys
    Certificates and keys
    Certificates and keys

    The creation, management and revocation of encryption keys and digital certificates can be a tedious and time consuming task. With the Security Management Server this process becomes easier for organisations to manage.

Security policies
Security policies

Not every endpoint needs the same level of security so with the Security Management Server you can configure how the SecureAge Security Suite runs from an on-premise central admin console. For instance, you can create a policy as a default for your entire organisation, create a tighter one for R&D or finance, and set a flexible one for marketing.

Audit logs
Audit logs

With the Security Management Server you can keep a record of all security events on your endpoints and allow administrators immediate access to the logs via an on-premise admin console for further insight. This feature also includes forensic analysis and historical tracing.

Users and roles
Users and roles

The Security Management Server allows you to create multiple users and groups with varying security access rights. This ensures only your security management team has access to the on-premise central admin console.

Certificates and keys
Certificates and keys

The creation, management and revocation of encryption keys and digital certificates can be a tedious and time consuming task. With the Security Management Server this process becomes easier for organisations to manage.

Achieve inherent compliance for today and tomorrow

ISO 27001

ISO 27001

Our ISO certification proves that we meet the highest standards for establishing, implementing, maintaining, and continually improving information security management systems (ISMS).

Common Criteria Certification

Common Criteria Certification

Our SecureData encryption technology is currently under evaluation for certification to meet strict security requirements for National Security Procurement.

Federal Information Processing Standards (FIPS)

Federal Information Processing Standards (FIPS)

Our SecureData encryption technology is currently under evaluation for certification to further demonstrate our compliance with industry-leading security standards.

EU General Data Protection Regulation (GDPR)

EU General Data Protection Regulation (GDPR)

Our Security Suite fulfils compliance standards protecting individual personal data usage under GDPR.

Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)

Our Security Suite fulfils compliance standards surrounding patient health information as required by HIPAA.

Payment Card Industry Data Security Standard (PCI-DSS)

Payment Card Industry Data Security Standard (PCI-DSS)

Our Security Suite protects the security of personal cardholder data as required by PCI-DSS.

Frequently asked questions about
our file encryption software

What are the costs associated with the SecureAge Security Suite?

The SecureAge Security Suite is licensed per-endpoint, with either a subscription-based or perpetual license option. 

The basic SecureAge Security Suite includes either SecureData or SecureEmail. The extended SecureAge Security Suite includes SecureData, SecureEmail, SecureDisk, DRM and digital signing, Application control, and Cloud storage.

We offer training, consultancy and maintenance services to ensure a smooth deployment and on-going operations support.

What are the system requirements for the SecureAge Security Suite?

The SecureAge Security Suite works on all Windows platforms and will soon be available on Linux and Mac platforms. Contact us for more information on the status of Linux and Mac compatibility.

Will the encryption base of the SecureAge Security Suite slow my system down?
No. Users will not perceive any decrease in system performance. This is because the encryption component is added at the file-system level so that data is decrypted as it is streamed into system memory. This way the application works as normal and only data which is required in memory is decrypted. It also means that files remain encrypted in storage even when in use and being modified. See how our technology makes this possible.
When using the SecureAge Security Suite, who can access what and where?

With the SecureAge Security Suite there is no access to any file without the SecureAge agent. The pervasive encryption and application binding prevents the product from being disabled by a malicious actor. In addition, our AI-powered endpoint protection solution (CatchPulse) is linked to our PKI-based encryption functionality. That means if it is ever disabled, no files would be accessible.

For further security, online and offline policy controls can be added for different individuals or groups of users. “Online” means that the end-user is connected to the Security Management Server (within the network) and “Offline” means that they’re not. With detailed logging functionality, the Security Management Server collects logs from itself and from all endpoints. If the Security Management Server is unavailable for a defined period of time (e.g. when the user is offline) logs are maintained by the client for 2 days by default.

How do I know if my SecureAge Security Suite software is genuine?
Hash values can be thought of as the fingerprints for files. Just like our fingerprints, no two are alike. The hash values will change significantly if the contents in the file is modified in any way. A widely used algorithm that produces hash values is the SHA256 cryptographic algorithm. To verify that your SecureAge Security Suite software is genuine, click here to check the hash values.
How is SecureAge Security Suite email different from Microsoft Office 365 options?
SecureEmail works independently of any centralised server and decrypts emails with the recipient’s private key at the endpoint. SecureEmail also has the option to generate a one-time password requiring recipients to validate their identity before accessing.

Email encryption features are available through Microsoft Office 365 if users have E3 subscriptions and above and can configure their settings through Azure Information Protection. When signed in, recipients can receive encrypted messages with Office 365 Message Encryption (OME) which decrypts in the Microsoft server with the recipient’s private key that is stored there. OME also has the option to generate a one-time password requiring recipients to validate their identity before accessing.

Read how our technology avoids the gaps in server based processing and authenticates each file for each user at the endpoint.
How does the SecureAge Security Suite exchange encrypted email externally?

SecureEmail allows users to exchange encrypted emails with other people outside of the organisation (i.e. those that do not have the SecureAge Security Suite). When using this feature the entire email body and any attachment will be encrypted to ensure 100% privacy. Recipients will be prompted to verify their email address in order to obtain the password to decrypt.

SecureEmail works with S/MIME which is a widely accepted e-mail protocol that is supported by most commonly used email providers such as outlook and apple mail. S/MIME is an important Simple Mail Transfer Protocol (SMTP) which allows for widespread and secure email connectivity.

How is SecureAge Security Suite email different from Pretty Good Privacy (PGP) email?
The Security Suite email uses Public Key Infrastructure (PKI) technology to encrypt files and email communications. PGP is another encryption method used to increase the security of email communications. While both can encrypt data, their fundamental difference lies in how much the user needs to be involved in making security decisions, specifically about who to trust. The PKI trust model relies on trusting certificates generated by Certificate Authorities. These authorities are central bodies that regulate how keys are generated, kept and managed. This means organisations using the PKI model do not have to worry about distributing and keeping keys or managing and revoking certificates. Often, an organization runs their own Certificate Authority and therefore determines who to trust on behalf of users.

The most popular PGP model is the open PGP model. The open PGP model follows a decentralized ‘web-of-trust’ model whereby each user decides whether or not they trust another user – there is no central authority or standards which manage identity verification, or which govern the level of trust. Users determine their own standards for identity verification, meaning that each person needs to make the security decision whether to trust someone else's digital identity. To use open PGP, users will have to download, install and complete the set-up themselves in their email program. SecureAge Security Suite email does everything for the end-user behind the scenes, removing the human element from Data security concerns.
How does SecureAge Security Suite strengthen security of third party applications?

Application Binding can be used to create a Data sandbox which prevents advanced persistent threats. It combats these threats by allowing you to set your own special rules as to which circumstances a file should be decrypted / encrypted thereby ensuring files are only opened by certain applications (eg: only Microsoft Word can open .doc files). This prevents reading / editing of files from any other application such as Adobe Reader).

This is useful for high risk applications such as web browsers. For instance, if Internet Explorer is attacked or compromised, only those path directories accessible to Internet Explorer will be affected, all other user systems and Data remain intact.

How does the SecureAge Security Suite handle two-factor authentication?

The SecureAge Security Suite is designed to support any form of multi-factor authentication. This includes seamless integration with passwords and key cards or USB tokens. It is interoperable with all PKCS#11 based secure devices including Smart Cards, Security Tokens, or Hardware Security Modules (HSM).

How does the SecureAge Security Suite strengthen Microsoft AIP (Azure RMS)?
SecureData is designed to encrypt all files no matter what application they are produced by or what platform they are on. Applications do not need to integrate with SecureData - they operate completely as normal, with SecureData transparently authorising, decrypting, and encrypting unseen. SecureData works across all Microsoft Windows platforms and protects files that are not protected by Microsoft AIP. For example:

1. Log files and backup files. A recent Data theft of an online service simply involved the attacker gaining access to log files which contained personally identifiable customer information. With SecureData these logs would have been encrypted. While most backup software includes encryption capabilities, the systems administrator will be able to access any Data within the backup. Microsoft AIP encrypts specific files copied to the backup but all other files will remain unprotected in the backup.

2. Temporary files and the system swap file. Many applications create temporary files that often exist purely for the duration of the application's execution. Microsoft AIP recommends BitLocker for temporary file protection even though it does not work for a live system. With SecureData, live temporary files are protected. As applications execute, portions of their memory space may be held in the swap file. With SecureData this information is encrypted and useless to hackers.

3. Files from legacy applications. Since SecureData operates at the file level, applications do not require knowledge of how to decrypt or encrypt files or how to authorise or deny Data access. Microsoft AIP supports limited versions of Windows and Windows Server.

4. ALL database files. Organisations operate multiple databases, often using different database versions and even different vendors. With SecureData, all database files, structured or unstructured, no matter the version or vendor are encrypted and managed centrally. Microsoft TDE (Transparent Database Encryption) only supports files from specific versions of Microsoft applications and requires a different product for each vendor and versions of their databases.
How does the SecureAge Security Suite protect my Data on SharePoint?

For enterprises that use SharePoint Server for collaboration among team members, our SecureData technology automatically protects all files that are dragged and dropped into the SharePoint server. This means, only authorised collaborators with the right key are able to access, read, and edit the information contained within SharePoint. This limits involvement by the users and it protects unauthorised insiders or unwanted external sniffers from stealing any information.

Further mitigating the risk of Data leakage is the Data access audit logs which capture details about every file accessed on SharePoint including movement of files out of SharePoint. This Data log helps administrators identify the cause of any anomalies.

How does the SecureAge Security Suite help with global compliance?
SecureData technology works to protect your Data at the file level meaning data security lives independently from infrastructure, security training, or monitoring. Embedding security controls within the Data itself, Data protection is proactive and pervasive. This fulfils the requirements of cyber security frameworks and compliance standards popularly adopted across industries and businesses of all size such as the National Institute of Standards and Technology (NIST) Framework, the ISO 27001, and the General Data Protection Regulation.

The SecureAge Security Suite provides compliance with:

Framework(s):
- National Institute of Standards and Technology (NIST) Framework
  (NIST-SP800-171 / NIST-SP800-53 / NIST-SP800-111)

Certification(s):

Legislation(s):
- Data Privacy Bill (e.g. California SB 1386)
- Protection of Sensitive Agency Info (White House OMB)
- Gramm-Leach-Bliley Act (GLBA)
- Personal Data Protection Act (PDPA)
wave wave wave wave wave

See our file encryption software in action

loading...
loading...
loading...
loading...

Our website uses cookies to ensure you get the best experience and can find what you need. Read our cookie policy