Certivox's PrivateSky tackles email security with cloud-based encryption

By Antone Gonsalves, CSO |  Security, encryption

Certivox has launched a cloud service that the vendor claims solves the decades-long problem of securing email and attachments, so only the recipients can read them.

The new service, called PrivateSky, handles all encryption and decryption at the browser, so data is never unsecured when it is traveling or stored on the Internet, according to Certivox. PrivateSky was made generally available Thursday.

Even though email was invented roughly 40 years ago, security remains a headache for most companies. In a survey released last year, secure messaging provider VaporSteam found]that three-quarters of the respondents from large companies said they have violated compliance rules via email. About a third of them said they did so intentionally.

Certivox is attacking the problem by making the process of securing messages and documents in PrivateSky as easy as sending an email. "Effectively, it is a browser-based portal that pushes the envelope on HTML 5 technologies to do end-to-end encrypted messaging and managed file transfers, so that the data is actually encrypted using the browser's native engines," said Brian Spector, chief executive of the company.

HTML 5, the latest version of the markup language for creating web pages, is a much more sophisticated language than its predecessor, HTML 4. The new technology comes with a full database for storing gigabytes of information and removes the need for most add-ons, such as JavaScript and Flash, which are huge security risks due to a large number of vulnerabilities.

PrivateSky only works on HTML 5-supported versions of Mozilla Firefox and Google Chrome browsers. To send an email and attachment, a registered user logs into the portal, writes the message, uploads the attachment and presses encrypt and send. PrivateSky scrambles all data through technology embedded in the page before the information leaves the browser to Certivox's servers.

The receiving addresses are sent a message with a link that the recipient clicks to enter PrivateSky and enter his name and email address. The portal then sends a message with another link that the recipient clicks on to go back to the portal and setup a four-digit PIN. Once that is done, PrivateSky stores a token in the HTML 5 database in the browser, so the next time the person visits the portal to retrieve messages, he will need the PIN that matches the token.

"It really just acts like a closed-loop web-mail system," Spector said.


Originally published on CSO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Ask a Question