Transparent File Protection with Strong Encryption
Cord3’s UNITY File for AWS S3 solution transparently encrypts and protects access to files stored in AWS Cloud servers hosting S3 buckets.
Every organization must secure access to sensitive data. Because administrators are trusted users with high privilege, no effective solution has been available to prevent their privileges from being hijacked or misused to access or steal sensitive data.
This remains true in the shared responsibility model for Cloud, where CSP administrators and organization administrators all have unrestricted access to Cloud data.
True until now, that is. Welcome to Cord3’s Unity File for AWS S3 solution.
Cord3 provides a simple, elegant approach for organizations to govern Cloud data protection using their own policies and also prevents CSP administrators and their own administrators from accessing sensitive data.
To stop breaches, Cord3 protects data using strong, transparent encryption and controls access to protected data stored in S3 buckets. Cord3 intercepts file traffic between users (which could be applications) and the AWS Storage Gateway. Once intercepted, Cord3 applies the organization’s security policies to data before it is securely stored and accessed. No changes are required to endpoints, applications, or the AWS Storage Gateway.
Each object in a Cord3-protected, S3 bucket is encrypted using a random, one-time AES 256-bit key. Encryption keys are not accessible to users, applications, or administrators, including AWS administrators.
Cord3 manages all aspects of encryption and key management transparently so that data is strongly protected in transit and at rest.
Easy for Users
Unlike other file encryption technologies that are complex for users, UNITY File for AWS S3 works completely transparently. Users simply Save and Open files as they normally would and our solution automatically protects files and grants access to protected files – all according to your organization’s security policy. When users open folders, they only see the files they are authorized to open. There are no encryption keys for users, applications, or administrators to manage since UNITY File for AWS S3 takes care of everything.
No File Access for CSP & IT Admins
Traditionally, both the CSP’s administrators (external) and the organization’s internal IT administrators have had unrestricted access to files stored on file and Cloud servers. With UNITY File for AWS S3 in place, files are protected so that only authorized users can see file contents. If your organization does not want CSP and/or IT admins to see file contents, it is easily done with UNITY File. CSP and IT admins can still do their tasks to maintain S3 servers, but they can no longer see contents of sensitive files.
Most importantly, preventing administrators from seeing sensitive files enables you to Stop Privileged Credential Abuse attacks where attackers steal administrator credentials to get unrestricted access to information. This type of attack is involved in every significant cyber incident. Stopping Privileged Credential Abuse attacks has traditionally been extremely difficult, but it’s easy with Cord3.
Compliance
Every organization has sensitive files that require protection. Strategic plans, financial data, employee information … we all have it. UNITY File protects files to ensure your compliance with regulations like GDPR and other regulations protecting privacy of personally identifiable information. And you will spend less on system audits because sensitive files are protected – consistently – according to your organization’s policy without the traditional complexity that has made users work around IT security.