Unless you are the only one holding the keys to your data, encryption is meaningless. Our whole system is built entirely on the premise that you, and only you, have the keys to your data. Since your keys are never transmitted to Global Data Sentinel in their original form, this means that not even we can access or view your data.
Every secured data resource, whether it is files or messages, has a unique encryption key, and is encrypted using advanced cryptography protocols. Using this type of encryption ensures that if one key is compromised, then only that single resource that was encrypted with it will be compromised, this is Perfect Forward Secrecy.
All keys are kept encrypted and control of them remains with the data owner. Access to each individual key is through a unique architecture, which imposes identification and authorization services to be invoked. A multi-level security protocol using large set public/private key pools ensures the ultimate in data protection.
Even if your data is encrypted during transit or storage, many data security companies store your encryption keys along with your data. This means that anyone with access to the location of your data, will also have access to the keys, and therefore complete access to the data you thought was secure.
For this reason, GDS creates a data access authorization channel separate from the data movement channel. Because only the 256-bit keys are moved along that authorization channel, the total bandwidth utilization required by the GDS data control channel will always be a tiny fraction of the total bandwidth required by the data channel. Therefore, control and access channels for GDS protected data are guaranteed to exist – provided a data channel is in existence.
Our service is available as a product to install on your network, as a service hosted in the cloud or both (hybrid).
May 20, 2015