Built on the foundation of distributed key management, Atakama provides unparalleled data protection for your most critical file-based assets, wherever they are stored. Even when attackers breach a system or the perimeter of a network, your data remains protected.
Conventional Encryption Fails in the Face of a Data Breach
Traditional encryption solutions are no longer capable of protecting files in the face of a cyber-attack. Legacy encryption solutions are also inherently tied to identity and access management (IAM) controls, which store user identity and profile data, as well as an individual’s data governance functions. These user-credentialed applications, group privileges, and third-party data entitlements are increasingly compromised by threat actors, enabling carte blanche exposure of your sensitive files. Organizations that continue to rely on encryption tied to IAM will suffer devastating results.
Atakama’s infrastructure consists of three general cryptographic components: asymmetric cryptography, symmetric cryptography (considered quantum resistant with sufficient bit lengths), and threshold cryptography.
Stop File Exfiltration:
Eliminate the threat of ransomware data exfiltration attacks.
Address cybersecurity compliance mandates for encryption of data at rest.
Secure Sensitive Data:
Easily encrypt mission critical files without disruption to existing user workflows.
Zero Trust Infrastructure:
Ensure zero trust at the file level through multifactor encryption, without reliance on usernames and passwords.
How It Works
Encryption Without Passwords.
Files are encrypted based on policy. This convenient user experience makes it easy and seamless for employee adoption.
Distributed Key Management.
Each file is automatically encrypted using AES with a 256 bit key. The unique key for each file is then automatically fragmented into “key shards” and distributed across physical devices or Atakama Key Shard Server (KSS). Eliminating centralized key servers as a single point of failure.
Untethered From IAM.
Decouple file access verification from identity and access management, eliminating IAM as a single source of truth for verifying access.
Seamless Integration and Deployment.
Whether your business stores files on a network drive, in the cloud, or a hybrid model, Atakama is easily deployed and installed within your existing environment.
The Technical Details
Distributed across devices, including the Atakama Key Shard Server, user workstations, and mobile devices.
DEPLOYMENT OPTIONS OPTIMIZED FOR UX AND BUSINESS PROCESSES
Users can decrypt files through the power of their mobile device. Decryption occurs seamlessly, with a user clicking on a file and receiving a notification on their mobile device. The notification is a request for the mobile device to provide the relevant key shards to reconstitute the encryption key and decrypt the file.
Simply tap approve, and the file opens. Or launch a session during which multiple files (throttled by volume and time policies set by the administrator) can be opened. Decryption is achieved without the need to tap approve for each individual file. With the use of sessions, users need not access their mobile device more than once per day, yet data remains encrypted until accessed by the user.
Key Shard Server (KSS):
The Atakama KSS maximizes file level security for use cases centered around automated and batch file processing. In scenarios where the KSS is deployed in tandem with or in addition to the mobile device architecture, user workflows are maintained with a seamless user experience.
Secure File Transfer: Atakama’s Secure File Transfer generates a download link that is shared with the recipient, using email, Teams, Slack or other collaboration tools. The sender maintains complete control of the decryption event with the added benefit of being able to verify the recipient’s identity before the file is downloaded.
Encrypted Search: Atakama’s built in search capabilities enable users to search encrypted files, without requiring decryption or the need to maintain an unencrypted search index. Keep your data protected, without disrupting productivity.
Detailed User History: User activity is logged and can be aggregated at the admin level to gain a better understanding of individual usage, usage trends, and for compliance purposes. Create customized alerts and notifications with detailed user file interaction logging that can be fed into your existing SIEMs and SOCs.
Data Discovery and Classification Integration: By seamlessly integrating with leading data classification tools, Atakama helps organizations stay ahead of shifts in the modern threat landscape by automatically encrypting files according to policy defined by data classification tools.