|
Primary use characteristics and advantages of Tricryption file level encryption are: | 
| | Transparent & Customary: Transparency and customary usage are essential for acceptance of use within an enterprise. Benefits of this transparency and accustomed use must translate to all those involved in the enterprise: users, IT administrators, and security administrators. Tricryption meets these requirements for: | | | Users - Desktop actions and commands: users perform existing and customary actions typical of their OS environment and applications.
- Encryption mechanics: actions related to key identification, selection and usage are accomplished automatically and coherently without need of interruptive user interactions.
- Assured information sharing: access permissions in Tricryption are structured like the way current IT systems distribute files so there are no artificial procedures required by users to share and collaborate on their secured information.
IT Administrators
- Installation: support for direct and script based methods.
- Enterprise Integration: Tricryption integrates with current industry standard authentication, authorization, guard/firewall and other systems allowing ‘plug-and-play’ without need for expensive infrastructure revisions or upgrades.
- Network Backup: due to the way Tricryption operates, files in storage always stay encrypted avoiding the risk of inadvertent capture of decrypted files during snapshots, checkpoints and backups.
- Insider Threat: IT Administrators may accomplish their tasks without the need to see file contents.
Security Administrators
- Logging data: Tricryption logs are centrally maintained and available for either report based periodic review, or dynamic monitoring by various Security Incident Monitoring (SIM) systems such as IBM Tivoli, Intellitactics Security Manager, and OpenServices InfoCenter through use of Tricryption’s API.
- Policy enforcement: Tricryption may be made mandatory or discretionary without need for complex controls and mechanisms.
- Security review: Tricryption allows a reviewer function that allows authorized security staff to anonymously or transparently review content in the enterprise.
| 
| | Networked & Autonomous (Disconnected) Operation: Tricryption allows autonomous operation of encryption nodes by activating internal key management capabilities which, in effect, allow key servers and encryption clients to temporarily co-operate on the same platform. Existing key copies (current encrypted files) and blank keys (potential new files) are ‘checked out’ from the main key server. When the autonomous encryption client is reattached to the network, all keys are ‘zerorized’ and logs are sent to the key server to be synchronized with the master logs. This usage is ideal for laptops or in anticipation of network outages. | 
| | Architecture Efficiencies: With file encryption clients distributed among the enterprise architecture, the overall processing cost of encryption is decentralized over the nodes. - Scaling and distribution: Key servers may be scaled and allocated to various client encryption groups (Communities of Interest/CoI) as encryption operational loading dictates.
- Key Server federation: Different key servers may be connected to each other through federated trust relationships, allowing users in one group to transparently retrieve keys from another group’s key server after authentication and authorization.
- Low network traffic impact: The network loading of a key server to client communications results in minimal encryption client network traffic and presents little to no effect on network latencies.
- Modular implementation: Decentralization of encryption clients combined with federated key server allocations enable efficient and effective modular encryption capabilities implemented across any size infrastructure or deployment.
|
|
ERUCES File Encryption (2 Page PDF)