Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Startup touts safe sharing of Office 365 documents

Tim Greene | June 18, 2015
Startup Vera promises to secure Microsoft Office 365 documents no matter where they go using policies set by the businesses that create them.

Startup Vera promises to secure Microsoft Office 365 documents no matter where they go using policies set by the businesses that create them.

The company lets users restrict access to individual documents or parts of documents in order to keep the content secure even if devices that contain them are stolen.

Vera already supported Office documents, but now it can protect them within Microsoft's Office 365 software-as-a-service environment.

The platform has value when sharing confidential financial documents among business entities, says Sujit Banerjee, managing director at K1 Investment Management and a Vera customer. For example, he can share sensitive financial information among business partners with the assurance that only designated persons can access the unencrypted content.

Vera's CEO Ajay Arora describes it as a secure Snapchat for files and documents.

The platform consists of a client that encrypts documents at the time they are created and a server that stores security policies on each file as well as the keys to decrypt them.

Alan Lepofsky, an analyst with Constellation Research, says the benefit for businesses is that Vera can protect documents without significantly changing user behavior meaning a low learning curve and a likelihood documents will actually be protected. It's also not platform, vendor or device specific, meaning it can be used on a device. And it won't interfere with other security tools.

There is no key management for customers to perform, avoiding a complicated and potentially expensive infrastructure, he says.

To share a file securely, users identify the file, right click on it, choose "secure with Vera" and create a list of who gets access. This last can be done by designating individuals, an email list (email is used to include persons outside an organization) or Active Directory group, Arora says.

Vera allows restricting file use once it reaches an approved party. So it could allow or disallow viewing the document offline, allow or disallow copy, paste and printing, allow or disallow printing a screen or make the file available only for a defined time period, for example.

The platform can also track what people try to do with the data and can revoke permissions for accessing the files.

Vera works on a software-as-a-service model where the Vera server can be based in a cloud or within the enterprise. A desktop application encrypts documents using AES 256 encryption. The encryption key is provided by the server and sent encrypted via HTTPS. Once the file is encrypted the app deletes the key. The application puts a wrapper around the file that indicates its file type. This information plus the policies that should be applied to the file is shared with the server.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.