Management and Data Security Consulting

The CyRNA™ Provides Superior Encryption Key Management

Present Issue: One of the largest issues with encryption is the management of keys. Often times encryption keys are handled and managed by humans or stored in a data store (with little or no protection). This can cause the encryption keys to be vulnerable.

CyRNA Solution: CyRNA™ key management is done in an automated environment inside the CyRNA™ device and is never handled by humans or stored in an open environment. CyRNA™ keys and strings (Strings are unique to the CyRNA™ tech) are stored in a secure environment inside the CyRNA™ device with no outside access.

Management and Data Security Consulting

CyRNA™ Blocks Root Access to the CyRNA Hardware Device

Present Issue: Often perpetrators gain root access to the network or an authorized employee has access the network: Just as Edward Snowden did with the NSA-They then can steal the encrypted data and steal the keys from the open data store and easily have access to all the data.

CyRNA™ Solution: CyRNA™ blocks root access to the CyRNA™ device even for authorized employees. In addition, because CyRNA™ data is stored in fragments, stealing the data directly off the disc does not matter because the stolen data can only be reassembled by the CyRNA™ device that fragmented that data and thru an authorized user account.

CyRNA™ also prevents brute-force offline attacks. Even if attackers obtain the key material used by CyRNA™ they have to determine the order to assemble the randomized pieces. Successfully doing this is remote at best because the CyRNA™ fragmented data has no Meta-Tags or identifiers.

Management and Data Security Consulting

CyRNA™ Helps Mitigate Stolen Credentials

Present Issue: If a perpetrator steals someone’s credentials they can use those credentials to access the network and they quickly and quietly copy all the data to an external disc. It may be months before any one would discover the data was stolen.

CyRNA™ Solution: Because the data is stored in fragments, if someone were to use stolen credentials or a disgruntled authorized employee uses their own credentials, the perpetrator has to reassemble each data file in order to get usable data. CyRNA’s custom monitoring system, CyRNA Watch™, monitors all user activity and has the ability to detect the unauthorized assembly of mass amounts of data. This automatically stops the theft in real time. Also, user activity recorded by CyRNA Watch™, enables an organization to recognize exactly what was stolen in a timely manner.

Management and Data Security Consulting

Disaster Recovery

CyRNA's solution provides a viable disaster recovery method. Our solution is two fold:

  • The data shards can and should be stored in redundant locations local to the network and off-site.
  • The core CyRNA™ database is encrypted with a public key and backed up to a remote location, only to be decrypted with private key that should never be on a live network. In the case of a disaster, a CyRNA™ machine will be rebuilt and populated with the backed up CyRNA™ database requiring the private key to decrypt the sensitive CyRNA™ database.

© 2016 Oceansblue Systems LLC. All rights reserved.