Embed Size (px)
DESCRIPTION
Citation preview
Confidentiality and cloudTresorit answers to cloud security concerns
International recognition
• Windows, Android, Mac, iOS
–People love it
–4.7/5 ranked app
• Business HQ in Switzerland
• R&D HQ in Hungary
• Servers in EU (Amsterdam & Dublin)
Information is the new oil
• Worth keeping safe
• Cloud could be great place
Cloud & Confidentiality
• Access to uploaded files by third party
• Providers outsource several tasks!
• Providers can analyze the data
• Most businesses are not even allowed by law
• NSA and surveillance
Current cloud
• “When you upload or otherwise submit content to our
Services, you give Google a worldwide license to use, host,
store, reproduce, modify, create derivative works,
communicate, publish, publicly perform, publicly display and
distribute such content”.• Google Terms of Use
• Dropbox-Honeydocs
– Honeydocs alert if document is opened
– Turned out, Dropbox analyse
Keep it on premise...?
• Is it really secure?– How much does it worth?
– What is the density?
• Costs– IT labor cost + Management
– Procedures and audit
– Software+Hardware
– Server room
– Duplication and backup
– Financing and projects
• Flexibility
• Multinational environment?
Encrypt. Sync. Share.
Philosophy:
„We NEVER collect or store your files, encryption keys and
passwords are unencrypted or invertible form. Files and
some corresponding encryption keys can only be
decrypted by the people you have explicitly shared with.”
Tresorit Terms of Use
Zero knowledge technologx
Noone else can access it.
True client side encryption
Everything is encrypted before upload.
You’re in control.
We have access only to encrypted data. Information
remains on your side.
Encrypt. Sync. Share.
Sync any folder
Unlike in Dropbox, with Tresorit you can choose any
folder to sync.
Access from other devices.
You can have your current folder structure untouched.
In-place sync
Files stored in a simple folder
Works with any file format
Works with any other application
Works offline
Access files anywhere, securely
Easy mobile access
No more FTP, no more VPN
No more papers on the road
Highest standard physical security of servers
Servers maintained by Microsoft Ireland
In the Amsterdam and Ireland, EU
Encrypt. Sync. Share.
Encrypted sharing
Patent-pending technology enables to share encrypted
content with others.
Based on strong, 4096 bit RSA based public key
cryptography and AES256
PGP like technology – client-to-client key exchange
What is encrypted in Tresorit, stays encrypted in Tresorit.
Even if you share it.
Other people will able to decrypt the content, but no
one else, even we cannot access any of your information.
Sharing with public link
Files are still encrypted – unlike other public link
Decrypts file in browser – no software install
Full Javascript based cryptography
Encrypt. Sync. Share.
$50,000 award
In April 2013, we offered $10.000 to any hacker who
can access data stored in Tresorit.
We copied our infrastructure, filled up with virtual
user data, obviously not with real user data.
We gave the same access to the hackers what we
have.
No need to hack firewall or any other access control,
it is open.
We increased the price to $25,000 in November 2013,
then $50,000 in April 2014
We are still not hacked since April 2013
And the feedback was that it is impossible to do so. $25,000award if hacked
Current security model - channel encryption
Alice
Mallory
Mallory
?ServerStorage
Tresorit’s client-side encryption
Alice
Mallory
Server
Mallory
?
?
Bob
?Storage
Available on major platforms
Tresorit in action
Sync
Drag&Drop any folder
Name it & Start syncing
You are safe. It’s easy.
Check out the changes
Share
Select the Tresor you want to share
Invite by e-mail
Manage roles & include personal
message
Accept the invitation
Sharing with public link
Client side encryption – in browser
• Easy to share
• Key never sent to server
• JavaScript decryption
https://share.tresorit.com/?000 … YC3E#jlx1ws … nBuZw==
Only the browser can access the key after the „#” sign
Drag&Drop files to create a link
Download the shared
file
• By email:
• Tresorit whitepaper: https://tresorit.com/tresoritwhitepaper.pdf
• Sharing link whitepaper: https://tresorit.com/blog/introducing-
tresorits-public-sharing-feature-cryptolink/
• Our blog: https://tresorit.com/blog/
• Our support portal with lots of information and FAQ:
https://support.tresorit.com
Learn more about our product
