SSProtect

Working in one of the largest federal government environments it is refreshing to come across DefiniSec. As a single product it can replace 5 others currently used that still can't provide the net benefit of Definisec. Low latency, honey pot alerts, the ability to track and recover files from any touchpoint in the past, the protected files are only decrypted while on-glass in front of the authorized user, credentials are AD independent, 3 dimensional or split keys prevent re-assembly of key if somehow the files are stolen, and this is an incomplete listing of the functionality of this product! I encourage a deep dive as after more than 18 months of use discoveries of the capabilities of DefiniSec at still being realized. The developers are among the most responsive I have encountered.

Definisec is a full system approach - it is not a simple or basic approach to encryption and requires an introduction to its use, and a goodly amount of operational time with it.

I am truly impressed and think this will blow past the completion in short order! It is worthy of further investigation as a serious contender for the best encryption approach available today.

The ease of use sets this product apart from the alternatives. Setting up and administering the product is much easier than I expected, especially given the capability of the solution. Once installed, it is very simple and intuitive to use. Providing high levels of security for critical documents and email communication has always been a concern for our organization and finding a solution that was both effective and easy to use has been a struggle, at least until we started using SSProtect. As a technical team member I am very concerned about effective data protection and SSProtect provides the high level of protection we need. SSProtect is intuitive to use, which is critical for our other less technical team members. Many data protection solutions are cumbersome, making adoption difficult, but SSProtect is different. It works easily with existing work flows, which is important to the average user on our team.

We ran into a few minor technical issues which were quickly resolved. It is a new product so the development team is still ironing out minor issues, but they have been quick to address any problems that arise.

This product could be a game changer for security. It provides an advanced level of protection including detection/recovery from Ransomware attacks.

I really like that I can share files with other people without worrying about their lack of security since I know that my information stays secure unless they purposely disassociate the file with the app. Why would they do that? Most people I work with want to do the right thing - they only try to avoid stuff like this if it gets in the way. SSProtect doesn't at all. I just wish I could use it with more people, but I heard the new FREE version is going to do basic encryption and decryption, but without the integrated app integration. Make sure you check that out. If you don't think it's pretty cool vs. typical encryption software you have the FREE version (or something's wrong). I also really like backup/ restore - that saved me a couple times when I needed to go back and find something from months before. I don't keep my backup drive connected all the time (Ransomware) and I don't have copies of all the changes so this was really cool when I needed it. Speaking of Ransomware, it seems if somehow it sneaks through all the other stuff this would be the final showstopper it would face - and for the first time Ransomware loses. Make sure you look at what they are starting to call Managed Access (same thing I mentioned above). So now throw a Honeypot in there and remotely audit every single thing while sending files and email to people in your company without picking target users that stuff is destined for, and if you disable the two -factor authentication then it's basically eaxctly like not using it at all. OK maybe you lose a few hundred milliseconds, but it's super fast and totally easy. It's the coolest stuff I've seen in a long time. SEriosly though probably everyone should be using this, or anyone that works with stuff you want to keep secret. If more people had it then it would be great in sales. Like the other review said you'd know who was screwing up and could work with them to fix it - plus it helps keep people honest knowing that everything they do is basically saved. Oh and the updates are pretty smooth - you can actually bypass an update when you login which is GREAT - nothing I hate more than turning on my Playstation and waiting 20 minutes to update before I can do anything. At least with this you can do what you need to and then update.

It's new, so sometimes there are problems but they get fixed really quick. I wonder how long that will last, but right now it's good. There's a ton of documentation which I won't read, but when you get stuck it's kinda good because if you take the time the answers are usually there (I just send an email though). The biggest issue is not enough people use it - there isn't any way for me to send protected information to someone that doesn't use it. They don't have a web site so you can't login and read like with other document service. I also would like better reports. The data format could be fixed but I built a translater so I could push it to Splunk and make normalization easier, and they do have a command line call that generates a report so that makes it easy to build a program and schedule it to get the data in Splunk. They say that might be coming soon but it depends - I think that's way important. The one thing that's really hard is you can't look at previews to see what's inside a file or email. Right now it's kind of hard to protect things all at once too, but being new the 80/20 rule seems to have worked pretty well so far. For an encryption product, it's hard to complain but it's so simple you forget and want everything to be absolutely perfect, which makes it seem in need when really it's an order of magnitude ahead of anything else that does online backups or encryption (much less together).

We have a couple jobs on the table and I'm really interested to see how integration is going to go with the command line interface they have. They should have built a C# .NET wrapper but more that's coming I guess. I'll probably finish up my own. But, to me, this seems like the next natural thing in security and I can see a day where this is how everything works built right into the filesystem. That's the way it should be - and when you take all the heuristic inputs to determine who is at the keyboard, the 2nd-factor becomes an automatic things and then you have exactly what you want - real security without ever doing a single at all. I bet someone else will do that and these guys will get with those guys and if it doesn't end up in Windows them it's maybe a way for Linux to get on the desktop.

First off, SSProtect is an extremely well documented product. The product is fairly straightforward but if you get into trouble there's plenty of help to get it installed, administrate and so on. SSProtect is a Windows only solution that supports Windows 7, 8.x, 10, and Windows Server 2008 R2 and 2012 R2 - all 64 bit. There is an add-on to the core installation to protect email which supports Office 2010, 2013 and 2016 via a plug in. One installed, the software is really transparent and seems to integrate well with other utilities like AV software. SSProtect, on the surface, looks and feels similar to other tools in this category like VeraCrypt(Truecrypt), AxCrypt, BitLocker. However its much closer to PGPs file encryption strategy rather than disk encryption or volume encryption. You encrypt a resource by using the explorer plugin to right click on a resource and then "activate" SSProtect for that resource. The process is similar in email where you can "protect on send" and the plugin encrypts the email and then sends it along. It is here where the solutions deviate dramatically, and the real value of SSProtect begins to emerge. First off, Two Factor authentication is rigorously integrated into the solution supporting solutions such as YubiKey and OAuth tokens. This can greatly enhance the security of the solution and should appeal to organizations that already embrace security tokens and CAC cards. Secondly, and most compelling, is the trust model. Many other solutions employ a simple scheme based on public key technology where everyone keeps are part of the key pair secret (private key) and then their is a public component that everyone can access (public key). Encrypting with one allows you to decrypt with the other. With SSProtect there is another layer of encryption that happens to enforce a trust model within the cloud. In this trust model, you establish *who* is permitted to access encrypted content from you and this is further isolated by who you want to specifically access the content. While, at first, this sounds overly complicated what it achieves is really the next step for products like this. Because of how the content is doubly encrypted you now create an ecosystem that provides for detailed access logging. Say for example a breech of some sort occurs and it is presumed that some content has been downloaded. When that content is reviewed it will of course be encrypted. If the attacker attempts to use the software to decrypt, this attempt is logged: you now have a record of what file was accessed, by whom and where. If you were to send a sensitive document to someone who then released the protection on that file, that would also be logged. This offers an amazing amount of auditing for sensitive information and far better protects those assets. Lastly, because of the way the cloud solution works it opens up the opportunity for cloud back up of these files. The first concern with a statement like that is, "what happens with a court order or if the company's keys are compromised?" The advantage here is that the files are encrypted by the organization first and then encrypted by DefiniSec. Even if DefiniSec allowed access to the content, the client still has control over the content with keys that never leave their environment. These additions to the normal run-of-the-mill encryption solution make SSProtect a lot more valuable than just an encryption product. Its real value is in the auditing, backup and forensic detail in the case of breech or ransomware situation within an organization. As the trust model matures and additional enterprise features are added, SSProtect has the capability to become a very valued tool in the enterprise.

All solutions have a beginning and SSProtect is a fairly new product. There are occasional minor issues to contend with that are rigorously corrected by the developer. Additionally, the process of file protection on a modern operating system is a complex process. There are limitations to the Explorer Mode mechanism, which are very well documented and understandable (for example network-mapped files). In time, these limitations will clear up as the solution matures. Lastly, sometimes the trust model is a little difficult to administrate, but only once you start developing more complex trust models.

I have used the software off and on now for about a year but recently began using it on a corporate resource to experience the solution within a real workflow. The solution is nearly transparent, which is good - sometimes almost too good. The change in the philosophy that makes auditing, backup and forensics possible really make this something different than a "file encryption tool" and should be closely examined. With intrusions that end up on wikileaks or worse there are no good tools that help you determine what has been compromised once it leaves your organization - and most importantly where it went. This is especially true in marketing and sales where sensitive data, like the performance of a product, often quickly get into a competitor's hands and there is no way to find out who leaked it. Since its important for groups like this to share these details to customers and partners its almost impossible to prevent. SSProtect brings a new idea into the solution set that can help with these problems with little to no interference to the end user.