Certivox's PrivateSky tackles email security with cloud-based encryption

Certivox has launched a cloud service that the vendor claims solves the decades-long problem of securing email and attachments, so only the recipients can read them.

The new service, called PrivateSky, handles all encryption and decryption at the browser, so data is never unsecured when it is traveling or stored on the Internet, according to Certivox. PrivateSky was made generally available Thursday.

Even though email was invented roughly 40 years ago, security remains a headache for most companies. In a survey released last year, secure messaging provider VaporSteam found]that three-quarters of the respondents from large companies said they have violated compliance rules via email. About a third of them said they did so intentionally.

Certivox is attacking the problem by making the process of securing messages and documents in PrivateSky as easy as sending an email. "Effectively, it is a browser-based portal that pushes the envelope on HTML 5 technologies to do end-to-end encrypted messaging and managed file transfers, so that the data is actually encrypted using the browser's native engines," said Brian Spector, chief executive of the company.

HTML 5, the latest version of the markup language for creating web pages, is a much more sophisticated language than its predecessor, HTML 4. The new technology comes with a full database for storing gigabytes of information and removes the need for most add-ons, such as JavaScript and Flash, which are huge security risks due to a large number of vulnerabilities.

PrivateSky only works on HTML 5-supported versions of Mozilla Firefox and Google Chrome browsers. To send an email and attachment, a registered user logs into the portal, writes the message, uploads the attachment and presses encrypt and send. PrivateSky scrambles all data through technology embedded in the page before the information leaves the browser to Certivox's servers.

The receiving addresses are sent a message with a link that the recipient clicks to enter PrivateSky and enter his name and email address. The portal then sends a message with another link that the recipient clicks on to go back to the portal and setup a four-digit PIN. Once that is done, PrivateSky stores a token in the HTML 5 database in the browser, so the next time the person visits the portal to retrieve messages, he will need the PIN that matches the token.

"It really just acts like a closed-loop web-mail system," Spector said.

Certivox offers a free version of the service for sending messages. The premium version costs $9.95 a month and allows users to send files up to 10MB and comes with 5GB of storage.

Certivox is not alone in selling cloud-based file sharing. Others include YouSendit and Box. Certivox is hoping to differentiate itself with its end-to-end encryption, which it is pitching to government agencies and the finance and health care industries.

Read more about cloud security in CSOonline's Cloud Security section.

Join the CSO newsletter!

Error: Please check your email address.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place